Please Help. Has My Website Been Hacked?

[CodeGraphics]

When you open this web page: http://www.ctrlshiftstudios.com/layout

The word ‘digital marketing’ has becoming a link and when hovered it shows a certain picture.

I never made the words a link.
I deleted the index file from the public_html and reupload it back, then I refresh and the link is still there.

What is happening. Has someone hacked my website?

[CodeGraphics]

Even this one i typed now, i mean the two words above have automatically turned to a link at my end here. And shows same image.
Is it from my computer?

[CodeGraphics]

The link is showing ‘Coupon DropDown’

[Eric Gregoire]

I’m not seeing it or maybe you figured it out. However, I did notice the dreaded IE image link blue border on your social media icons and home link (or whatever it’ll be); just an observation on passing by. Sorry I couldn’t help you otherwise.

[RedJokingInn]

No link at my end for “digital marketing”. Seems everything is alright.

[chrisburton]

@CodeGraphics I had the same issue. I had a virus on my computer that was doing this. You need to restore your computer to an earlier point. That will remove it.

[__]

1) If you are still seeing this link (while no one else is), try clearing your browser cache ([ctrl]+[f5] does it in most browsers).

2) Did you ever add Google addWords (or a similar script) to your page? If so, that might be what you were seeing (and that would mean you weren’t hacked).

However, if you are at all unsure, you should definitely take steps to make sure your site is secure:
*****
######_EDIT_
As @ChrisBurton says, make sure your own computer is clean, too (do that _first_).
*****
— change all passwords **now**.

— check your server’s error/access logs for unusual activity.

— make sure there are no unusual files on your host (especially inside your web root).

— make sure all the usual files haven’t been changed (compare them to your (hint,hint) **backups**).

— review any scripts that handle user input. Make sure you **do not trust user input** (always _validate_ and _sanitize_).

— if you find any problems, or are still unsure, **contact your host for help**.

— change all passwords **again**.

[Eric Gregoire]

I’ve loked into it too. Might be malware on your end :: https://blog.wikimedia.org/2012/05/14/ads-on-wikipedia-your-computer-infected-malware/

[Kitty Giraudel]

I had the issue once. It’s a quite inoffensive malware. An anti-virus software or a spybot should be able to remove it pretty easily.

Edit: if I recall correctly, the issue was a Chrome extension. Make sure you only run Chrome extensions you know.

[CodeGraphics]

It was a malware from my end. It was a chrome add-on, (malware in disguise) that I added. I actually googled ‘Coupon DropDown’ and read more about it. I removed all the suspicious add-ons, uninstalled all the suspicions programs and cleared all my caches and cookies. And it came back to normal. I was afraid already.

[__]

>And it came back to normal…

.
> ####change all passwords _now_.

: )

[tbonix]

We used to have this problem. Every time we thought we removed, it would just re-install itself.
Traditional defenses are no longer enough to defend against the new breed of cyber-attacks that cut across communication channels and take place over multiple stages. IT security organizations must implement a defense-in-depth strategy with layers of network and endpoint security defenses. Failing to do so can prove costly; in fact, it can bankrupt a company.

We did the following, for the following for my website.

1. Remove the Admin User from your WP.

2. Generate a Password with a generator like this one: http://goo.gl/MaDV

3. Make sure you have REMOVED the Admin User, and make your “N3wu23rNaMe” difficult to be guessed, or easily known.

4. Add a “Limit Login Attempts” http://goo.gl/ouDUQ and make the attempts to “1” attempt, and then “lockout”!

5. Finally we started using a free site scanner for cyber criminals provided FREE trial located http://goo.gl/Jp4Co

And finally I can say we have had NO problems since. Of course you will ALWAYS have attempts, but I would recommend our procedures. They seem to work great for us!

[Author]

Posts