no doubt..it is malaria...
Exabytes server got compromise or?, webmaster or tech expert pls come in
|
|
 Jul 20 2012, 06:25 PM
|
 
Junior Member
343 posts Joined: May 2012 
|
|
Quote|
|
Jul 20 2012, 06:29 PM
|
Senior Member
539 posts Joined: Jul 2008 From: Just behide you ! 
|
QUOTE(edwardstevens @ Jul 20 2012, 06:13 PM) is that a windows or linux server? its linux.because i've experience this before on windows server i'm running IIS with PHP addon and some line meant for ASP script appear on my php script  Here's another company website (Not under my account but hosted on the same IP) : thundermatch.com.my http://www.webpagetest.org/result/120720_3Q_C3Q/1/details/ The malware link is : http://kunsjiendevie...ien.eu/57254443.htm' http://wepawet.iseclab.org/view.php?hash=d...2779747&type=js The malware link is : http://epi3d.fr /53534443.html http://urlquery.net/report.php?id=97533 The malware link is : http://epi3d.fr /48874443.html I really can't figure out what's the problem/root cause. I think I'll just switch to another host. This post has been edited by xDragonZ: Jul 20 2012, 06:31 PM |
|
|
Aug 15 2012, 03:11 PM
|
Newbie
3 posts Joined: May 2012 
|
Thank you for posting this! I found that many websites has been infected by this even my html homepage is infected too!
Do you know how RedKit Exploit kit works? Is it from Server side or caused by the website developer itself? |
|
|
Aug 16 2012, 12:02 AM
|
|
Senior Member
539 posts Joined: Jul 2008 From: Just behide you !
|
QUOTE(ray871106 @ Aug 15 2012, 03:11 PM) Thank you for posting this! I found that many websites has been infected by this even my html homepage is infected too! Its from server side where Exabytes apache module was infected by malware.Do you know how RedKit Exploit kit works? Is it from Server side or caused by the website developer itself? FYI : It seems they have fixed this (I not sure about others server is still infected or not) after 1 week of submitting support tickets with them and they keep telling me is from my script (even i put empty html page it also infected) .  and I give up on exabytes ready. Some more info on that http://www.symantec.com/connect/blogs/exte...serve-malware-0 and http://www.stopthehacker.com/2011/05/23/ap...inject-malware/ This post has been edited by xDragonZ: Aug 16 2012, 12:11 AM |
|
|
Aug 16 2012, 12:24 AM
|
|
Newbie
3 posts Joined: May 2012
|
QUOTE(xDragonZ @ Aug 16 2012, 01:02 AM) Its from server side where Exabytes apache module was infected by malware. Thank you for your information!FYI : It seems they have fixed this (I not sure about others server is still infected or not) after 1 week of submitting support tickets with them and they keep telling me is from my script (even i put empty html page it also infected) . and I give up on exabytes ready. Some more info on that http://www.symantec.com/connect/blogs/exte...serve-malware-0 and http://www.stopthehacker.com/2011/05/23/ap...inject-malware/ No wonder, my website was infected too. Submitted the ticket and they said it was caused my script. Then request me to Request a Review from Google Webmaster if I have clean. I restored clean code three times and the website was still infected, and even just a temporary small HTML page. I got a reply from an unmaskparasites' expert who wrote about the malware that infected my website. http://blog.unmaskparasites.com/2012/08/13...ame-injections/ It seemed to work on a server level. They should admit it that the server was infected! Haiz, wasted my time to monitor the website whole day.  Hopefully they can fix it quickly next time! |
| Bump Topic Add ReplyOptions New Topic |
| Change to: |  0.0176sec
 0.43
 5 queries
 GZIP Disabled
Time is now: 28th January 2021 - 04:18 PM |
All Rights Reserved 2002- 2021 Vijandren Ramadass (~ unite against racism ~)
Powered by Invision Power Board © 2021 IPS, Inc.