1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Website hacked - this web site may harm your computer!

Discussion in 'Web Design' started by mpulse, Nov 12, 2011.

  1. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    how do I get rid of this?

    Anybody know a way to scan my sql and files to check if something is still hacked? Joomla site but this happens ive seen in wordpress too.



    Reported Attack Page!



    This web page at website has been reported as an attack page and has been blocked based on your security preferences.





    Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
     
  2. Zapdos

    Zapdos Power Member

    Joined:
    Oct 22, 2011
    Messages:
    597
    Likes Received:
    708
    Location:
    Eastern North Carolina
    If your on shared hosting:
    Step 1) Contact your provider and ask for access and modification logs because you were hacked
    Step 2) Password protect your entire site using htaccess so the hacker cant get back in using a web script based attack
    Step 3) Login to your joomla backend and look for all your plugins. Compare what you have installed to a list of plugins known to have security holes (see securityreason.com/search/ in the top right). Search for joomla. Disable/update any plugins found.
    Step 4) Change your login passwords for cPanel, Joomla, MySQL and every other conceivable password on your host. If you use the same password for other places, do it there as well and make them different on each.
    Step 5) Find the malicious code (you can view your own website and check the source)
    Step 6) Copy the code, then have your host revert to a previous backup.
    Step 7) Search the files and database for similar strings of the hack.

    Normally it's an encoded string at the top or bottom of .php files.
     
    • Thanks Thanks x 1
  3. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    Yeah good call.

    I di most of that. But how long does it take googe to reflect that its been fixed?
    Any ideas?
     
  4. ronegraT

    ronegraT Power Member

    Joined:
    Dec 29, 2010
    Messages:
    620
    Likes Received:
    101
    Occupation:
    sleeping
    Location:
    Sweden
    You have to resubmit it to google, i did it through Google Webmaster tools and it took some time (i hadnĀ“t found all infections) but when i removed all it took some minutes and then it was fixed.

    For me it was hidden iframes that was placed in the code both index.php and index.html
     
  5. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    i actually cleaned everything up and went to webmaster tools. told them it was clean. they indexed it and the red page was gone..
     
  6. hadeska

    hadeska Newbie

    Joined:
    Nov 30, 2011
    Messages:
    32
    Likes Received:
    19
    Please scan your themes, if your find iframe and linked the iframe to other harmfull site you can delleted the iframe.

    Sent from my IDEOS S7 Slim using Tapatalk
     
  7. mpulse

    mpulse Regular Member

    Joined:
    May 27, 2009
    Messages:
    292
    Likes Received:
    40
    Yes I noticed a little 10px dot in the site theme and admin theme....
    If you see a site with a gray dot in the bottom left corner, it has malware

    But this shit spread to every single index.html file..
    It was tough.. something I charged the client a hefty fee for. But 1st time un hacking a site.. WIN
     
  8. everythingred

    everythingred Jr. VIP Jr. VIP Premium Member

    Joined:
    Jul 21, 2010
    Messages:
    1,869
    Likes Received:
    1,232
    happened to me today. good thing google webmaster is quick.