Hi folks,
I set up a version 1.5.1 site from scratch a couple of weeks ago. Everything went fine. Running on Linux and Apache.
It has now been infected by some malware, which Google Chrome says comes from '7 Speed' and Norton says is a HTTP Malicious Toolkit Variant Activity. I found more info (from http://mtminds.com/tag/troubleshooting/) about what's causing it, but not how the hack happened in the first place.
I've done everything suggested here (http://wiki.cmsmadesimple.org/index.php ... mall_Guide), except the changes to php.ini, which I don't have access to.
Is there a fix ?
Many thanks
Ciaran
7-speed javascript based hack
-
ciaranclissmann
- New Member
- Posts: 3
- Joined: Tue Nov 25, 2008 8:16 pm
Re: 7-speed javascript based hack
Shared hosting environment? maybe someone on server let it in if they can get into server backend then it is toast, called your hoster yet?...
-
ciaranclissmann
- New Member
- Posts: 3
- Joined: Tue Nov 25, 2008 8:16 pm
Re: 7-speed javascript based hack
Yes, I've asked my hoster (no reply yet). I'll update when I hear back.
I have a vague suspicion it's to do with the file upload functionality, but no more than that.
Has nobody else been hacked by the same (presumably automated) problem ?
Thanks for your time!
I have a vague suspicion it's to do with the file upload functionality, but no more than that.
Has nobody else been hacked by the same (presumably automated) problem ?
Thanks for your time!
Re: 7-speed javascript based hack
1.5.1 was the culmination of a couple vulnerability exploit attacks, one of them came thru the uploads but that was a couple ver. back and the latest had to do with having more than one tab open in browser and one of the tabs being your sites backend and the other site being a hack site that could/maybe use a script to get into your site in the other tab, but these were all fixed, hence my saying it must be coming from another site on the server...
