Hi Guys & Gals, New to the forum so be gentle!! I run and manage a small HTML site that we use for our family business. I check it religiously and noticed today that there was some wierd txt that appeared in the background of the index page.... below is a copy and paste of the words: ----------------- mbt kisumu shoes chi hair straighteners Minnesota twins jerseys spain world cup jerseys sale lacoste women shoes nike air max shoes airforce one shoes ----------------- I checked the code to find that the following URLS had appeared: <a href="http://www.mbtshoesbuy.com/mbt-kisumu-shoes-c-47.html">mbt kisumu shoes</a> <a href="http://www.stylerghd.com/specials.html">chi hair straighteners</a> <a href="http://www.alihello.com/mlb-jerseys-minnesota-twins-c-258_362.html">Minnesota twins jerseys</a> <a href="http://www.yooyles.com/world-cup-jerseys-spain-jerseys-c-239_409_562_596.html">spain world cup jerseys sale</a> <a href="http://www.thetopshoes.com/lacoste-women-shoes-c-102.html">lacoste women shoes</a> <a href="http://www.fbikey.com/nike-air-max-shoes-c-522.html">nike air max shoes</a> <a href="http://www.airforceoneshop.com/products_all.html">airforce one shoes</a> ---------------------------- On Googling the spam words it appears that this is hidden in many, many sites without webmasters knowing it!!! My question is .. how the hell did it get there?? I rang my hosting company and they informed me that there had been no security breech to my server (they are the UKs biggest hosting site) and informed me that it could be a iframe hack and to change my FTP password - which I have done. Any ideas on this one or does anyone know of this problem??? Any comments appreciated! Thanks - Pudders
UPDATE Just checked the site again and the same thing has hapened... the following URLS have appeared in my index.html code: </div><div style="position: absolute; top: -945px;left: -945px;"> <a href="http://www.mbtshoesbuy.com/mbt-kisumu-shoes-c-47.html">mbt kisumu shoes</a> <a href="http://www.stylerghd.com/specials.html">chi hair straighteners</a> <a href="http://www.alihello.com/mlb-jerseys-minnesota-twins-c-258_362.html">Minnesota twins jerseys</a> <a href="http://www.yooyles.com/world-cup-jerseys-spain-jerseys-c-239_409_562_596.html">spain world cup jerseys sale</a> <a href="http://www.thetopshoes.com/lacoste-women-shoes-c-102.html">lacoste women shoes</a> <a href="http://www.fbikey.com/nike-air-max-shoes-c-522.html">nike air max shoes</a> <a href="http://www.airforceoneshop.com/products_all.html">airforce one shoes</a> Can anyone help out???
No this is a hack for sure. Unfortunately I do not know enough about it yet as I just started researching it and which brought me to this post. I will try and shed some more light as I dig deeper.
Do you have a system where users can add comments or contribute text in anyway? Do you use iframes are any kind of ajax/external html anywhere?