Jump to content
gmbuser

Website Hacked?

Recommended Posts

gmbuser    0
gmbuser

Hi Pagelines,

 

We use a PageLines Pro website for our intranet at work. The intranet is restricted to our IP addresses. We use .htaccess to control access.

 

Recently, we noticed some funky things including redirecting of external links. Also, we are seeing certain words linked to external sites (these links have the double-underline). These links are opening in pop up windows and it is not our doing.

 

Here is a screenshot:

screenshot20121211at126.png

 

 

These problems are showing up on PCs (Macs are OK) using:

 

- Internet Explorer

- Chrome

- (Firefox seems to be fine)

 

I've changed all passwords including:

 

- Users to wordpress

- Web host

- FTP accounts

- SQL DB

- Eliminated anonymous FTP access

 

I've updated:
- Wordpress

- All plugins

- Should I update Pagelines Pro?

 

After the above changes, some of the redirecting is gone (which is good), but we still have the double-underline links. 

 

Please advise and note my level of programming requires step by step instructions.

 

 

Thank you in advance!
Paul

Share this post


Link to post
Share on other sites
Simon    247
Simon

Best advice...

 

Deactivate all plugins, see if it still persists if not re-activate until you find the one causing it...

 

Could be the PC has a virus...

 

Do a view source on the page and paste the raw html to http://paste.pagelines.com and i'll take a look.

 

Could be a toolbar, could be anything really.

Share this post


Link to post
Share on other sites
gmbuser    0
gmbuser

Thank you Advocate. I think I've figured it out. We found some malicious browser add-ons including one called InfoAtoms which was very difficult to uninstall.

 

The other question is how they installed themselves on our PCs (so far 5 computers infected). I'm wondering if our intranet / wordpress / pagelines site spread the software?

 

Unfortunately, I can't post any page source info at this time. I need to have those requests approved. I've taken a look myself and everything seems in order. Anything I should look for in particular?

Share this post


Link to post
Share on other sites
Simon    247
Simon

Wordpress or PageLines cannot install browser plugins. That was one of your employees ;)

Share this post


Link to post
Share on other sites
gmbuser    0
gmbuser

We've begun uninstalling InfoAtoms and deleting registry keys. 

 

 

Thank you for the input.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×