Can anybody help?
Google reports our website (actionop.com) as having malicious software. I checked and double checked without finding anything suspicious (google reports malicious software on toplitesite.cn and shopfilmlifeforce.cn). I downloaded the full website and searched for those websites with no success.
Hello :-),
Jaal Scan ID # 413236-478 output
Malicious code detected on line 41 of actionop.com
starts with
<!—iframe src="hxxp://turbo namestor e.cn:8 080>
Please look at the copy of the page on the server, if you cannot locate this code, it is probably being injected at runtime, when a user is requesting the page. It might be useful to then wipe out the hosting directory and check for malware, on the server and in the backend database. You can also ask for help from your hosting provider. Please check out other pages too.
If you have any specific issues feel free to ask for help.
Also, I am collecting info from people affected by attacks like this, if it would be possible for you to share your experience, could you kindly shoot me a mail at a.banerje e @ s top the hac ker .com (please remove the spaces).
We also provide vulnerability identification and mitigation services to help websites from being infected in the first place.
Hope this helps,
-A
Dr. Anirban Banerjee,
Jaal LLC, Riverside, CA.
www.stopthehacker.com
Jaal: Protecting the Internet, one website at a time™
The scripts referencing the sites listed by Google are probably obfuscated so you won’t be able to just search for them.
You can search for iframes and see what shows up and determine if it’s malicious or not.
Let the forum know if you have any further questions, or results to share.
Thomas J. Raef
“We Watch Your Website – so you don’t have to!”
http://www.wewatchyourwebsite.com
traef@wewatchyourwebsite.com