Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 12 of 12
  1. #1
    New to the CF scene
    Join Date
    Jun 2009
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Urgent... website problem regarding malicious software

    Harmful software has been uploaded to my blog (not sure where the source come from) might be people hacking or the malicious software
    has been distributed on the web (most of the malware now are
    automated). I'm not sure which of these is the cause. This malware
    actually created by people and injected to one machine / site >
    malware has the capability to change itself / transport to other
    machine linked > and these things kept jumping from one site to other
    site.

    Therefore, google has just recorded my blog as a harmful website. In
    order to clear this thing and get back my blog, what do you recommend me to do? Anyone here know about this matter?

    Please kindly share your experiences on how to clear this problem.

    Thanks

  • #2
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    What kind of blog do you have and have you installed all updates?
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #3
    New to the CF scene
    Join Date
    Jun 2009
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It is my blog to give readers updates on the recent news.
    Basically a blog host by a free web hosting.

  • #4
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    I understand its a blog but which blog software are you using? Wordpress, blogger? Something different?
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #5
    New Coder
    Join Date
    May 2009
    Posts
    74
    Thanks
    0
    Thanked 7 Times in 7 Posts
    Quote Originally Posted by xuan88 View Post
    Harmful software has been uploaded to my blog (not sure where the source come from) might be people hacking or the malicious software
    has been distributed on the web (most of the malware now are
    automated). I'm not sure which of these is the cause. This malware
    actually created by people and injected to one machine / site >
    malware has the capability to change itself / transport to other
    machine linked > and these things kept jumping from one site to other
    site.

    Therefore, google has just recorded my blog as a harmful website. In
    order to clear this thing and get back my blog, what do you recommend me to do? Anyone here know about this matter?

    Please kindly share your experiences on how to clear this problem.

    Thanks
    Your website link please.

    Regards.
    Last edited by frankle; 06-02-2009 at 07:07 AM.

  • #6
    The fat guy next door VIPStephan's Avatar
    Join Date
    Jan 2006
    Location
    Halle (Saale), Germany
    Posts
    8,677
    Thanks
    6
    Thanked 1,008 Times in 981 Posts
    Spam robots often look for standard footer messages of default installations such as “Site created with [software name]”. If you do a search about the malicious code they injected into your site then you’ll probably find other sites with the same CMS and such a footer message. And most of them haven’t upgraded to the latest version, and are therefore vulnerable to threats that have already been fixed in the latest version.

  • #7
    New to the CF scene
    Join Date
    Jun 2009
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I'm using wordpress and free hosting by rycohost.com

    I'm quite confuse and not sure what should I do next.

    Please give me your advises as I know some of you here are expert.
    Thanks alot.

  • #8
    New to the CF scene
    Join Date
    Jun 2009
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by VIPStephan View Post
    Spam robots often look for standard footer messages of default installations such as “Site created with [software name]”. If you do a search about the malicious code they injected into your site then you’ll probably find other sites with the same CMS and such a footer message. And most of them haven’t upgraded to the latest version, and are therefore vulnerable to threats that have already been fixed in the latest version.
    Does it mean that I need to install the latest version of wordpress?
    Will my posts still at the database? Or there's still malicious code at my site?

  • #9
    The fat guy next door VIPStephan's Avatar
    Join Date
    Jan 2006
    Location
    Halle (Saale), Germany
    Posts
    8,677
    Thanks
    6
    Thanked 1,008 Times in 981 Posts
    Yes, you should always upgrade to the newest version as soon as it is available. Normally, at an upgrade (at least a minor one) you only overwrite the files on the server, the database stays the same, and hence, your entries stay the same. However, it’s always recommended to do a backup of your database and your files on the server before performing an upgrade (I think there are Wordpress plugins for DB backup).

    We can’t be 100% sure but it’s likely that they have injected their malicious code into your database so it would be good to search your DB (e. g. using phpMyAdmin) for the bad entries. It would really be hepful if you gave us a link to your site so we can see what’s wrong and may give some better advice.

  • #10
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Be sure to read the documentation on the upgrade process.

    http://codex.wordpress.org/Upgrading_WordPress
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #11
    The fat guy next door VIPStephan's Avatar
    Join Date
    Jan 2006
    Location
    Halle (Saale), Germany
    Posts
    8,677
    Thanks
    6
    Thanked 1,008 Times in 981 Posts
    OK, from looking at your source code (which you kindly provided via PM since you don’t want to make your site public) I couldn’t find any obvious things like an injected iframe or a script. It may be that not Wordpress but your server has been hacked or whatever but it’s not entirely clear. Search the internet for “Wordpress trojan” or something like that. What I’ve found with a bit of searching was: http://www.bontb.com/2008/03/wp-cont...ress-bloggers/ , http://wordpress.org/support/topic/200861 and https://wpsecurity.net/severe-securi...wordpress-261/

    I’d suggest you do a complete backup of your DB and your Wordpress files, then delete everything and change all your passwords for the database and FTP, and do a fresh install of the newest version (also change your admin password). Then contact Google to review your website and reset its status and hopefully you’ll be free of it.

  • #12
    New to the CF scene
    Join Date
    Jun 2009
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    In this case, do I need to change hosting? Or just stick to the one that I have?

    Thanks for the suggestion. I'm trying to reinstall and set up everything now.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •