I see the dodgy iFrame's have now been removed :¬)

Any update on this?


NB. I notice MarkM's other only other post was Nothing is working so I've relaxed a bit now...



^{Search Freeola Chat}

Thanks for the 'heads up'.

I'm hoping Freeola don't go for another password change as that caused me real problems last time round due to the number of domains I have! :¬(

It's more likely (let's hope!) that your site has been maliciously attacked with the iFrame inserted due to a security vulnerability with some software/package your site uses and not an across the board problem.

Can you say if your site uses any type of CMS (Content Management System) as these are often compromised? Also, do you make use of MySql?


EDIT: Runs off to check websites...!


EDIT2:
I can find a previous problem like this on Freeola (last summer) caused by a customer using a PHP based method to upload files bypassing normal FTP - are you using a normal FTP client to maintain your site?

If you are then are you able to rename and/or change file permissions etc.?

NB. If the site is the one in your profile then the iFrame seems to have been injected on lots (all that I checked) of your pages ;¬(


^{Search Freeola Chat}

Hi all

Don't want to panic you but I can’t upload to my site today because it has been compromised. There is an additional index file with an htmm extension this file is a replica of my home page with an additional Iframe at the bottom which calls in a rouge file. I can’t delete this file but can download it.

So I then checked my existing index page that too now has an additional Iframe just after the body tag. I am sure that this isn’t just going to be one my site. I am sure you all remember the problem we all had back in Feb when all the passwords had to be changed, well here we go again.

This is a very serious breach, I believe that the link in the Iframe is effecting my ranking on Google I have over 2700 pages indexed on Google I am now down to just over 2000, and I have now been completely removed from MSN, the worrying thing is I CANT DELETE THIS FILE because it appears to have effected my file permission, be interesting to know if anyone else has been effected by this, I have alerted the support team at FREEOLA so stand by for yet another password change.