Announcement

Collapse
No announcement yet.

Site compromised?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Site compromised?

    Our site was infected with malware 2 weeks ago, it was a redirect (it may have been called Joomla?) & appeared to be on the server & not in any local files. Passwords were changed, the site refreshed & the site declared by OK by Google within a day & a half or so. Since then some unused stuff on the server (blog & chat software) have been removed & it's only SD content that s on the server.

    Last night a known customer informed me that they had received an AVAST antivirus warning regarding "jS:Includer.BCE" when trying to access the site. I've rescanned locally with Norton & Malwarebytes with nothing being found & also tried a few online site scanning tools.

    The majority of these tools are suggesting that there isn't a problem, but one (Securi) is suggesting that there is a problem, with 4 instances of "MW:JS:IFRAME:INJECTED691" being listed.

    I'm not familiar with Securi, so I'm not sure about it's accuracy or event legitimacy.

    Any advice much appreciated.
    Air Tech Equipment Ltd - Online Airbrush, Craft & Graphics equipment supplier

    #2
    I am not getting any AV warnings from 2 different machines running different AV software.

    When you have a virus / malware on the server you are usually best FTP'ing to the server and manually deleting everything off there then installing back from clean files. SellerDeck sends the files from your PC (check that is clean as well) but blogs etc will need installing remotely via your server control panel. Any blog backups should be scanned for malware as well. Typically malware is injected via old versions of software on the server so ensure everything is fully patched and you are running the latest versions of PHP, Wordpress etc.

    I am not familiar with Securi but be wary of unknown software acting as AV software but actually either registering false flags so you buy or are malware themselves. I am not suggesting Securi is either.


    Bikster
    SellerDeck Designs and Responsive Themes

    Comment


      #3
      Similar recent thread http://community.sellerdeck.com/showthread.php?p=345850


      Bikster
      SellerDeck Designs and Responsive Themes

      Comment

      Working...
      X