Site "compromised"

[Insomniac]

I don't know if you knew it or not, but google reported this site as "compromised". Tried to load it and got the malware warning.

 

From doing some of the work I do in the real world, I do see a lot of sites being compromised.

 

You might want to check your web logs for URL's that don't seem quite right. Some script kiddie or spammer may have uploaded crap into one of your wp-admin type directories (or equivelant). This will show up in your weblogs as people try and access files like video.php or logs.php or cheap-pills.html etc.. 

 

Especially look for directories that are writable (mode 777) and/or any custom upload forms you might have.

Just wanting to make you aware of it. I've literally seen it happen to THOUSANDS (yes, thousands) of web sites.

 

 

[Restorium2]

Advisory provided by Google

Safe Browsing

Diagnostic page for michiganmedicalmarijuana.org

What is the current listing status for michiganmedicalmarijuana.org?

 

Site is listed as suspicious - visiting this web site may harm your computer.

 

What happened when Google visited this site?

 

Of the 16 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-01-29, and the last time suspicious content was found on this site was on 2014-01-29.

Malicious software includes 1 exploit(s).

 

Malicious software is hosted on 1 domain(s), including arrowcompete.pw/.

 

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including southwestvoodoo.com/.

 

This site was hosted on 1 network(s) including AS32613 (IWEB-AS).

 

Has this site acted as an intermediary resulting in further distribution of malware?

 

Over the past 90 days, michiganmedicalmarijuana.org did not appear to function as an intermediary for the infection of any sites.

 

Has this site hosted malware?

 

No, this site has not hosted malicious software over the past 90 days.

 

How did this happen?

 

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

 

Next steps:

 

Return to the previous page.

If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Updated 3 hours ago

[Dankthsea]

Thanks zap, feel better that your on the case! Especially after listening to you in person at last weeks meeting!

[Restorium2]

Just took a look around using Windows Internet Explorer 8 and no strange banners.

[Wild Bill]

 I had someone hack my blog recently. When I logged out I got a pop up window saying, "Make Money With Your Blog".

 

I couldn't find the source until a banner advertising video games appeared. Then it was a simple matter to identify and remove the code. It appeared to be from a Russian porn domain.

[ozzrokk]

I am on windows and do not see anything out of place now but earlier many warnings. Seems much better. I know we dont tell you enough Zap but thanx again for all you do..............

[Norby]

Yes, Thank You!

[wellroundedwoman]

Your a great white hunter and you saved our butts, Thanks! wellroundedwoman