Friday, April 13, 2012

Second hacked website this week…

A few strange sites out there right now. These have a tendency to show up in google results and redirects you to site where “Windows Antivirus 2012” is trying to “scan” your computer. Complete scam obviously, didn’t even bother to change the gui depending on the visiting browser so everything looks like XP. It seems that sites that are infected have Wordpress and Joomla 1.5 in common. A few sources on the web indicates that this is a result of poorly managed .htaccess file or a vulnability in an old module of “Advanced Module Manager”. Anyways just ESC and close the page to be rid of it. To be safe just close the whole browser and start a new session.

A good site to check if a site is has any issues is http://sitecheck.sucuri.net/ .

Also here are a few dumps of the infected website

image

image

Some malware tries to force itself on you aswell, just close it.image

The google results are also a bit weird, the subinformation is a bit dodgy…

image

In conclusion, keep your site updated!

References:

http://forum.joomla.org/viewtopic.php?f=432&t=705216&start=30

No comments: