Website exploited with Blackhole

Discussion in 'Malware Help (A Specialist Will Reply)' started by ClutchThese, Jan 19, 2012.

  1. ClutchThese

    ClutchThese Private E-2

    I've been reading a bit on here but it seems the other user who came here for help with this similar problem was able to have it resolved. The only difference being my issue isn't on MY computer. It's on my website!!!

    I see this site is ran on Vbulletin as is mine. I'm hoping with your vast knowledge, some help would be forwarded to me. I've been trying to track the source of the exploit for two days... i just don't know what to do!

    I am on a mac and all my users are mad and i'm not sure if they will even come back. Anyways, i'm on a mac and for some reason, i don't get warnings of the exploit. All my users who run a windows machine get pop ups saying their antivirus has stopped a blackhole exploit. So i inspected my website in Chrome and was able to find the culprit in the footer. The exploit is running in an iframe in the footer. So, i went to the backend and tried to locate the code... nothing was to be found!! Almost like it's invisible or something.

    Does anyone here have any experience with this? I'm really at a loss.
     
    ClutchThese, Jan 19, 2012
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    How people write their website code, how old/un-updated the software they write it with, and how secure the servers that host it are really the areas to look at. Issues here are commonly referred to as code injection ( see: http://en.wikipedia.org/wiki/Code_injection ) The things we do in this forum are not going to find problems in your code. None of these malware scanners will since they are not design for this purpose.

    You are going to need to have a very good webpage developer check the code for security issues and you need to verify that all software being used has been updated to include all security patches. In addition, you need to make sure that the server hosting the website also has been fully updated.

    Also since you stated it has been hacked, you should attempt to find out how it was hacked so you can verify that the security issues have been resolved.
     
    TimW, Jan 19, 2012
    #2
  3. ClutchThese

    ClutchThese Private E-2

    Ok. Not the reply i was hoping for! :)

    Understood none the less.

    Thank you!
     
    ClutchThese, Jan 19, 2012
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You're welcome, and good luck. ;)
     
    TimW, Jan 20, 2012
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds