by malakas
over 4 years ago

Here’s bing’s cache of your site

http://cc.bingj.com/cache.aspx?q=dr5&d=76396406706341&mkt=en-US&setlang=en-US&w=1e1b6e27,b2fa70e1

View source:

</tr> </table><table width="734">

Probably whoever has hacked your site replaced web-statistic with web-analize …

by dr5chrome
over 4 years ago

..thanks for seeing this. I didnt realize it was this easy to hack a site, and how could someone get into my server this easy? i didnt see this as I reloaded the sites pages. I did see this text as I currently looked.. do you still? dw

by Kaleh
over 4 years ago

>how could someone get into my server this easy

A lot of the hacks these days are the result of infections of the computer(s) used to access and maintain the site. I haven’t ever seen [ web-analize ] listed in a Safe Browsing Report, so I don’t know what to expect from that. However, as a precaution, you really should scan and clean your local computers with multiple products you do not currently use. Then, change all passwords. Hackers are getting login credentials from infected PCs and using them to access and modify your site files on the server.

Are you saying that you do see the malicious code? I can’t see it through web-sniffer, so I’m wondering if it is a conditional thing … a now-you-see-it … now-you-don’t.

by Kaleh
over 4 years ago

@dr5chrome

Have you replaced any files since you were first aware that the site had been flagged? I am not seeing the malicious script that malakas reported seeing in the bing cache and it would help if we knew if you had done something to replace that file.

by dr5chrome
over 4 years ago

just before I read his post I had uploaded the main pages just in case there was something i did not see. Nothing on our side [at our office] has been hacked.
I access the dr5.com site every day, so this just happened. They are even listing our PDF pricing page, which is just a standard PDF file. there is nothing to hack here..?

dw

by Kaleh
over 4 years ago

You would be surprised at what they can hack and how your local computer can be infected. Many of the local infections are because of out-dated, vulnerable versions of Adobe Reader and Flash, as well as vulnerabilities in a variety of other commonly used software applications.

Could you provide the URLs in Webmaster Tools, if you haven’ already replaced them? PDF files can have malicious code attached to them as well.

by dr5chrome
over 4 years ago

the pdf page; http://www.dr5.com/dr5price.pdf

haven’t replaced this page.

dw

by bilcorry
over 4 years ago

I uploaded dr5price.pdf to virustotal.com, it didn’t find anything:

http://www.virustotal.com/analisis/550a943e6d06427bfd1c2a0b631475b94d0ca605d3c5b6d233801b81f6c38bbd-1248837036

by Kaleh
over 4 years ago

@bilcorry

After the OP had re-uploaded site files and requested a review, the site cleared. It is no longer listed as suspicious. Sometimes patience is a virtue.

About Contact Us Terms & Conditions Privacy Policy Copyright