Please Help. Has My Website Been Hacked?
# June 30, 2013 at 3:16 pm
When you open this web page: http://www.ctrlshiftstudios.com/layout
The word ‘digital marketing’ has becoming a link and when hovered it shows a certain picture.
I never made the words a link.
I deleted the index file from the public_html and reupload it back, then I refresh and the link is still there.
What is happening. Has someone hacked my website?# June 30, 2013 at 3:45 pm
1) If you are still seeing this link (while no one else is), try clearing your browser cache ([ctrl]+[f5] does it in most browsers).
2) Did you ever add Google addWords (or a similar script) to your page? If so, that might be what you were seeing (and that would mean you weren’t hacked).
However, if you are at all unsure, you should definitely take steps to make sure your site is secure:
As @chrisburton says, make sure your own computer is clean, too (do that _first_).
— change all passwords **now**.
— check your server’s error/access logs for unusual activity.
— make sure there are no unusual files on your host (especially inside your web root).
— make sure all the usual files haven’t been changed (compare them to your (hint,hint) **backups**).
— review any scripts that handle user input. Make sure you **do not trust user input** (always _validate_ and _sanitize_).
— if you find any problems, or are still unsure, **contact your host for help**.
— change all passwords **again**.# June 30, 2013 at 3:48 pm
I’ve loked into it too. Might be malware on your end :: https://blog.wikimedia.org/2012/05/14/ads-on-wikipedia-your-computer-infected-malware/# June 30, 2013 at 7:13 pm
It was a malware from my end. It was a chrome add-on, (malware in disguise) that I added. I actually googled ‘Coupon DropDown’ and read more about it. I removed all the suspicious add-ons, uninstalled all the suspicions programs and cleared all my caches and cookies. And it came back to normal. I was afraid already.# July 8, 2013 at 10:27 am
We used to have this problem. Every time we thought we removed, it would just re-install itself.
Traditional defenses are no longer enough to defend against the new breed of cyber-attacks that cut across communication channels and take place over multiple stages. IT security organizations must implement a defense-in-depth strategy with layers of network and endpoint security defenses. Failing to do so can prove costly; in fact, it can bankrupt a company.
We did the following, for the following for my website.
1. Remove the Admin User from your WP.
2. Generate a Password with a generator like this one: http://goo.gl/MaDV
3. Make sure you have REMOVED the Admin User, and make your “N3wu23rNaMe” difficult to be guessed, or easily known.
4. Add a “Limit Login Attempts” http://goo.gl/ouDUQ and make the attempts to “1” attempt, and then “lockout”!
5. Finally we started using a free site scanner for cyber criminals provided FREE trial located http://goo.gl/Jp4Co
And finally I can say we have had NO problems since. Of course you will ALWAYS have attempts, but I would recommend our procedures. They seem to work great for us!
You must be logged in to reply to this topic.