Jump to content

Site "compromised"


Recommended Posts

I don't know if you knew it or not, but google reported this site as "compromised". Tried to load it and got the malware warning.


From doing some of the work I do in the real world, I do see a lot of sites being compromised.


You might want to check your web logs for URL's that don't seem quite right. Some script kiddie or spammer may have uploaded crap into one of your wp-admin type directories (or equivelant). This will show up in your weblogs as people try and access files like video.php or logs.php or cheap-pills.html etc.. 


Especially look for directories that are writable (mode 777) and/or any custom upload forms you might have.

Just wanting to make you aware of it. I've literally seen it happen to THOUSANDS (yes, thousands) of web sites.



Link to comment
Share on other sites

Advisory provided by Google

Safe Browsing

Diagnostic page for michiganmedicalmarijuana.org

What is the current listing status for michiganmedicalmarijuana.org?


Site is listed as suspicious - visiting this web site may harm your computer.


What happened when Google visited this site?


Of the 16 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-01-29, and the last time suspicious content was found on this site was on 2014-01-29.

Malicious software includes 1 exploit(s).


Malicious software is hosted on 1 domain(s), including arrowcompete.pw/.


1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including southwestvoodoo.com/.


This site was hosted on 1 network(s) including AS32613 (IWEB-AS).


Has this site acted as an intermediary resulting in further distribution of malware?


Over the past 90 days, michiganmedicalmarijuana.org did not appear to function as an intermediary for the infection of any sites.


Has this site hosted malware?


No, this site has not hosted malicious software over the past 90 days.


How did this happen?


In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.


Next steps:


Return to the previous page.

If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Updated 3 hours ago

Link to comment
Share on other sites

 I had someone hack my blog recently. When I logged out I got a pop up window saying, "Make Money With Your Blog".


I couldn't find the source until a banner advertising video games appeared. Then it was a simple matter to identify and remove the code. It appeared to be from a Russian porn domain.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...