BlogAdviceHappy New [Virus Free] Year!

Happy New [Virus Free] Year!

We hope you all had a great break over the Xmas and new years period Рnow that we are all back at work now, we forget the Xmas cheer and get straight back to business.

Here at – our 2013 was kicked off with a couple of infected customer websites, and us being saved by our fantastic website warranty package.

One of our customer sites is built using cubecart, and we inherited it from another website design company. We’ve improved, streamlined and generally fixed the whole website, and its currently back with the client for populating. Since its been passed back, it seem an exploit has been found with some part of one of the websites hosted on their domain, and a load of¬†files¬†had an iFrame injected into the source code. This caused other websites (infected ones) to load when our client site was loaded, and then the problem generally got worse each time.

This URL (www changed to xxx so it¬†doesn’t¬†link) was what the iframe was loading (well, trying to) DO NOT VISIT THIS URL

Thanks to our early defence warning systems, we were informed of the changed files – kicked off a server scan that cleaned all the files when dodgy code was located and then notified blacklists ensuring that any blocks were removed and no customers were¬†deterred. If we¬†didn’t¬†have our Website Warranty software running, we¬†wouldn’t¬†have know¬†about¬†the infection until google had blocked the site, and by that time you have lost customers and the virus has spread past the point of easy disinfection!

We are now plugging holes in the cleansed website files, and hope to have the issue fully resolved by close of play today.

Another customer has had a few problems since the start of 2013, but this time with a hack that modifies the .htaccess files and forces the users onto dodgy shopping sites and pornography, but only if viewing the website through certain browsers/devices. Its clever as it makes it so the webmaster¬†doesn’t¬†notice the issue, but anyone¬†browsing¬†on a mobile (for example) would be redirected.

We are still finishing off the disinfection ill post more about that once we’re done.

Leave a Reply

Your email address will not be published. Required fields are marked *