- This topic is empty.
-
Posts
-
We just got an update on a pretty major, developing story.
Matt Cutts just released a statement to 20,000 sites, as these sites are at risk or have already been hacked because of “weird redirects.”
To get the full story, go here:
Matt Cutts Issues Statement: 20,000 Messages Sent to Hacked Webmasters
As we get more updates on this developing story, we will be sure to alert the community. And… we welcome any updates you may come across as well…@Caseym 238681 wrote:
How many people checked their site via google after reading this
No new messages or recent critical issues. LOL!
This happened to allfreechips before I upgraded the site, and it was very tricky. It would only re-direct if you click on a google link! so as a webmaster you dont know, and even more tricky it added a cookie before it starts so it was only new people clickijng from google, and it only did it once per user! This was a VBSEO exploit to all you VBSEO users.
I assume they got the email address from the domain registration data.
Or was it only google analytics participants?
no, it was a dead file share site by the time i got hit.. it was all base64 code stored in sql so it was converted at runtime by VBSEO, very well thought out hack
It happened to all my sites which were on Joomla and same as allfreechips as it redirected straight from Google and not the direct type in – So bloody annoying as couldn’t rescue the sites and now having to start all over again site by site… Mine redirected to some Philipines site called Happy New year
@alexpratt 238701 wrote:
It happened to all my sites which were on Joomla and same as allfreechips as it redirected straight from Google and not the direct type in – So bloody annoying as couldn’t rescue the sites and now having to start all over again site by site… Mine redirected to some Philipines site called Happy New year
Yikes… Thanks for the update, Alex. Sincerely sorry this happened to you… AND the issues AllFreeChips has encountered. He put it best, it seems like it was a damn good hack by some pros that knew what they were doing.
This story is definitely on our radar. As we uncover more updates, we’ll be sure to let the community know.
“The best way to save your site from this issue is to get access to Google Webmaster Tools and verify your website, configure notifications and alerts to arrive to an email you regularly check.”
If a site is verified on Google how do this protect tou from having your site hacked?
Good bit of info by the way Jill; thanks for keeping us informed on this stuff.
Today when browsing through Google Webmaster I noticed I had this warning “Notice of Suspected Hacking” for one of my sites.
One of my non gambling WordPress sites has been hacked. My NOD32 Antivirus blocked a threat called JS/Kryptik.LU trojan when visiting any page on this site. It must have placed a cookie as it would only do it once.
So I uploaded a plugin called WP Security Scan which helped me secure my site. I also signed up for a free beta account at Website Defender. They scanned my account and found two possible malicious files:
wp-content/plugins/oiopub-direct/include/fusion.php
wp-content/avatars/lightwindow.phpThese files had some seriously suspicious code in them. I’ve deleted them and my site seems to be fine for now. Keeping my fingers crossed.
@ixian 238767 wrote:
Today when browsing through Google Webmaster I noticed I had this warning “Notice of Suspected Hacking” for one of my sites.
One of my non gambling WordPress sites has been hacked. My NOD32 Antivirus blocked a threat called JS/Kryptik.LU trojan when visiting any page on this site. It must have placed a cookie as it would only do it once.
So I uploaded a plugin called WP Security Scan which helped me secure my site. I also signed up for a free beta account at Website Defender. They scanned my account and found two possible malicious files:
wp-content/plugins/oiopub-direct/include/fusion.php
wp-content/avatars/lightwindow.phpThese files had some seriously suspicious code in them. I’ve deleted them and my site seems to be fine for now. Keeping my fingers crossed.
On one of my sites the plugin said
“Change your database table prefix to mitigate zero-day SQL Injection attacks.”
Is this a very real threat?
I got hacked 3 times in the last 2 months – if you are using cpanel make sure you click the -see hidden files – because that’s usually where they put the ‘bad stuff’ or f-up your htaccess file
Nothing that serious but still
also make sure you enable brute force detection, I am amazed at how many attempts a day I get froim China, Russian, India and US at my server level.
there is a hosting software vulnerability (e-commerce software, or something related) that permits to modify .htaccess file, I moved my mobi sites from webhosting uk because of this, (thanks it was for mobi, because they redirected just mobile and spider traffic, so you can have this for years on server) Have contacted the hosting – but they found the problem after 3 months.
