expoit script injection redirect (type 1487)

[jreimer]

My website, http://goldjewelleryonline.com.au, appears to have been hit by a nasty attack.

 

The site no longer loads, the source code shown is now a string of numbers. AVG antivirus blocks the site and says "expoit script injection redirect (type 1487)"

 

Have I encountered a known Prestashop vulnerability? I am running Prestashop 1.3.1.1, I haven't wanted to upgrade to 1.4 as my theme and a number of modules wouldn't be compatible.

 

Please advise!! This appears to be a pretty serious issue.

 

Thanks.

 

Joshua

[Mike Kranzler]

Hi Joshua,

I just took a look at this for you with a developer, and it appears that your FTP password has been stolen. Whoever did this has put some sort of script on your website creating a redirection, which is why your antivirus is giving you this message. This is actually not something in PrestaShop specifically, but I would urge you to change your FTP password as soon as possible so that you can break the connection that this individual has currently.

 

Once you've done that, you can start trying to identify where the script has been inserted.

 

I hope this helps.

 

-Mike

[duffy]

Hi,

 

I have the same issue since the 21th. did you find a way to solve this one?

My site is running on drupal.

 

Grtz

Frank