Iframe Malware on website index files

Discussion in 'Malware Help (A Specialist Will Reply)' started by sundar, Apr 16, 2009.

  1. sundar

    sundar Private E-2

    Many of my websites got affected by iFrame Malware. I have been experiencing this problem for the last one month. When I tried to track the issue, I found that some malicious iFrame code has been added to all the index.php / index.html files of my website. When I tried to download / edit the virus affected file using FTP, its not downloaded and throws error. Then, I upload the files from my local backups and the site becomes normal. I have restricted all the files / directory permission to 644 and 755 respectively and also changed my FTP login details, Database login details and SSH login details.

    Also, I have upgraded the CMS to the latest version. But, still I have the issue. Its not only affecting websites developed using CMS(Joomla , Moodle). It is happening in PHP sites, ASP sites and even simple html sites..

    I asked our server to scan and they replied that there are no viruses on the server and they are not able to find out the source of this virus that is from where / when / how this malicious iFrame were added to my files?

    Any help will be appreciated....
     
    sundar, Apr 16, 2009
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I'm afraid that we will not be of much help to you. Infections like this typically find their way into code due to security problems on the servers or on the machines where the development is being performed. Any piece of software that is being use that has outstanding security holes which have not been resolved can be the source of the problem. Standard scanning will not typically find the problematic code in the files (of which there can be many) and if they do find a possible exploit, they may not be able to automatically fix the problem. Thus scanners are not helpful in this regard. Web designers have to find out where the holes are in their own software and also in the software they use to perform development. Normally there is some kind of exploit being used by the malware.
     
    chaslang, Apr 19, 2009
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds