Can't find a solution? Call Digiweb support on 1918

Glossary | | Favorites | Login

Search the Knowledgebase


[Advanced Search]

Browse by Category



My site is infected

As part of an ongoing investigation, we have established that many hosted websites have been tampered with by an external attacker or group of attackers using FTP, among other means.

Our research has shown this to be a pattern of attacks, with specific attacks called 'Gumblar' and 'Martuz'. This is a problem reported by all major hosting companies at this time - it is not specific to Digiweb or Novara.

You can read more here:

 - http://blog.unmaskparasites.com/2009/05/07/gumblar-cn-exploit-12-facts-about-this-injected-script/
 - http://www.creativeireland.com/forums/showthread.php?t=26984


In general, these attacks occur when a PC is infected by a browser, flash or Adobe PDF exploit. Once infected, the infected PC will do things like searching for saved FTP passwords, install a keylogger and setup a packet sniffer to sniff for FTP details on your network. All passwords are then sent to external sites.


These external sites then attempt to FTP to your website, uploading new versions of your pages with hostile code (usually javascript and iframes). Anyone who then visits your site will too become infected if not fully patched up.

We STRONGLY RECOMMEND you take the following actions:

1. Identify any computers which use FTP to upload content to your websites.

2. Make sure that such computers are updated for Windows, Adobe Acrobat Reader (if installed) and Adobe Flash Plugin (if installed).

3. Update your anti-virus software and scan all computers that share the network with the PC using FTP. If you do not have an anti-virus scanner, Digiweb can provide you with a copy of AVG Internet Security for just €3 per month.

4. Reset all FTP passwords used by you for your websites.

5. Review your website content for suspicious data, in particular unfamiliar IFrames and Javascript.

We appreciate your help with this - this problem can only be tackled by all of us.

Related Articles

Attachments

No attachments were found.

Visitor Comments

Article Details

Last Updated
27th of July, 2009

Would you like to...

Print this page  Print this page

Email this page  Email this page

Post a comment  Post a comment

 Subscribe me

Subscribe me  Add to favorites

Remove Highlighting Remove Highlighting

Edit this Article

Quick Edit

Export to PDF


User Opinions

100% thumbs up 0% thumbs down (5 votes)

How would you rate this answer?



Thank you for rating this answer.

Continue