Arcade Website Hacked - Need Help!

Hi, I have a website www.MadAboutArcadeGames.com. Some time ago it was hacked into and a redirection was set up to transfer users to another site...I have checked all the obvious things within the index page and the CPanel hosting for redirects but this does not seem to be the issue...I was told that an entry may have been placed into the database to cause this but could not find anything (I am not good with databases though)! It goes to load the site but then the redirection takes place...Please let me know if you could fix this for me...I also have another indentical site with the same issue...Many thanks and regards Carl

 

let me see your database then only i would be able to comment where is the issue...

 

Is it resolved? I'm not redirected to another site now.

 

Says account suspended

 

I'd be willing to take a look at it. I'd only charge ten dollars if I succeed.

Let me know ASAP so I can investigate.


Cheers

Matt

 

It does say "Account Suspended"...This is because it is directing to another website, which has since been suspended...You will notice it tried to load the site and is then directed away...

 

If i can have the privilege to get access to your file and DB ..

Best Regards,
MM

 

When a redirect is occurring, the first place to look is usually .htaccess to see if it got modified by a hack.

However, on your home page (and maybe others) are several instances of the following code between script tags:

javascript : document.location="hxxp://www.{AnotherWebsite(not yours)}.com/hacked.html";

There are two in the Sponsored Links section, one inside the div: class='menuheadblue'.

(Since this is JS, only users who have JavaScript enabled will get redirected.)

There is a security alert about arcadebuilder 1.7 at http://secunia.com/advisories/25916/.
It describes a vulnerability to SQL injection, which does seem to imply that the bad code is stored in your database and may be getting onto the pages from there.

(Check the source code of the page on your server first, though, to make sure it isn't hard-coded into the page. That would imply you had a different kind of attack.)

Even if you clean the database, it won't help unless you also upgrade your arcadebuilder software to the latest version (or apply the "vendor patch", however arcadebuilder handles upgrades).

 

Hi, Your site has not been hacked it is still functional FF > Tools > Options > Content > Disable Javascript

Its a simple javascript redirection code. Remove this "javascript:document.location="http://www.va{remove this}gifart.com/hacked.html";" line of code off your source and then check to see if the site works again.




The whois information of the site which your site redirects too, is available here: http://who.is/whois-com/ip-address/vagifart.com/

 

So, finally, I'm not the only one here that didn't get redirection. That's maybe I'm using NoScript addon.

Here's piece of code that affect redirection:

You have 3 credits left before you must log in or <a href='http://www.madaboutarcadegames.com/register/register.html' class='cmenulink'><b>register</b></a>.</div>
</div><div class='menuheadblue'>
 <div class='menuheadtext'>Sponsored Links</div>
</div>&nbsp;&nbsp;
<script>javascript:document.location="http://www.vagifart.com/hacked.html";</script><p>
</br>
<script>javascript:document.location="http://www.vagifart.com/hacked.html";</script>p>

<div class='membersmenu'><div class='sidemenucontent' style='text-align: center;'>

 <b>Top Players</b>
</div>

HTML:

 

Here is one line ans as per me! Just chk your included files! For the bottom links! or coding for that as this is affects on all pages! Its related to links section.

 

I just fixed the issue! looking for 2nd site!!

 

check the database

 

Many thanks too everyone who has posted on this post...It looks like the database has been wiped also, so I need to restore the database now...Somehow if I have a backup!