Our site was attacked by hackers

furious_gamer · Feb 10, 2009

Yes, that's correct. You read it right.When i upload some coding's today morning and check it out, seems no problem with our site.But when i check it now, mozilla restricts me to open our site and says "it may harm your computer" error message.
I checked the pages for any Injection attack and some Obfuscated code but nothing seems there. But when i open the index page, it automatically starts download something, which was identified as Trojan by Kaspersky.
Please guys do tell me what's wrong with my page.
Please mail me to get the URL of our site as i don't want to reveal it in public.

victor_rambo · Feb 10, 2009

Did you contact your host? Right now(and almost always), they are the only people who can help you. I don't think any one would want to risk their PC by visiting your site anyway since you have confirmed the malware!

And since you have not posted anything about the url, I wonder who can tell the problem....possibly the trojan may have been uploaded exploiting some PHP script on your server. Do you have any uploading scripts on your server???

Faun · Feb 10, 2009

can u post index page code here or better the url to your site. Look at the footer or header part, mostly there is some malicious javascipt code is there.

furious_gamer · Feb 11, 2009

victor_rambo said:
Did you contact your host? Right now(and almost always), they are the only people who can help you. I don't think any one would want to risk their PC by visiting your site anyway since you have confirmed the malware!

And since you have not posted anything about the url, I wonder who can tell the problem....possibly the trojan may have been uploaded exploiting some PHP script on your server. Do you have any uploading scripts on your server???

Yes, i mailed them and will get reply by today afternoon... There is no uploading scripts in my server...

T159 said:
can u post index page code here or better the url to your site. Look at the footer or header part, mostly there is some malicious javascipt code is there.

EDITED :
Thanks dude, i look at the index.html page and found a code at iframe tag that point to a site, that was listed as malicious by google.. Now fixed it..
But still one more page to go..

damngoodman999 · Feb 11, 2009

which operating system does the host provide ???

can u mention the antivirus & firewall ??

furious_gamer · Feb 11, 2009

We're under Linux shared hosting plan. I dunno abt the antivirus and firewall that they provide..

EDITED : Guys found the malicious code and removed it. Still one page to go, if i found that too, then i am free from this.

Our site was attacked by hackers

furious_gamer

Excessive happiness

victor_rambo

हॉर्न ओके प्लीज़

Faun

Wahahaha~!

furious_gamer

Excessive happiness

damngoodman999

damnbadman666

furious_gamer

Excessive happiness