EUROFIGHTER - All Sites Hacked

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    EUROFIGHTER - All Sites Hacked

    Just a warning to all - All my sites have been hacked via plesk.


    403 Forbidden
    http://stopmalvertising.com/malware-reports/runforestrun-pseudo-random-domains-and-random-exploit-kits.html


    I have reset my plesk login in the hope that this will stop but now have a lot of damage control to clear up as i dont know the files that we modified standard websites are fine but i cannot locate the code in my dot net nuke sites so i cannot resolve at this time apart from take offline and apologies to my customers.

    Kind Regards
    Greg
    Tags: None
    #2
    There's a fix released by Plesk a while ago. More information is available here: http://kb.parallels.com/en/113321. I'd recommend getting that installed as soon as possible. I'm afraid I can't help you with your dot net nuke website myself. I haven't worked with that before. Perhaps someone else on the forums is able to support you with that but alternatively feel free to contact our support team.

    Comment

      #3
      Originally posted by Greg View Post
      Just a warning to all - All my sites have been hacked via plesk.


      403 Forbidden
      http://stopmalvertising.com/malware-reports/runforestrun-pseudo-random-domains-and-random-exploit-kits.html


      I have reset my plesk login in the hope that this will stop but now have a lot of damage control to clear up as i dont know the files that we modified standard websites are fine but i cannot locate the code in my dot net nuke sites so i cannot resolve at this time apart from take offline and apologies to my customers.

      Kind Regards
      Greg
      Hi Greg,

      This is being looked into. I see that the files were injected before the patch was applied few days ago, but we'll update you with our findings very soon.
      We appreciate your patience in the meantime.
      Rock _a.k.a._ Jack Daniel

      Follow eUKhost on Twitter || Join eUKhost Community on Facebook

      Comment

        #4
        thanks here is the fix for any dnn sites affected:
        DNN sites infected by this virus JS.Runfore - Store - DNN Corp
        http://www.dotnetnuke.com/Resources/Forums/forumid/114/postid/459358/scope/posts.aspx
        DNN sites infected by this virus JS.Runfore



        im just applying this now

        Comment

          #5
          Hello Greg,

          As updated earlier the files were found injected before the patch was applied on the server. The injected files have been removed now.

          To be on safe side we will still request you (and all other clients having their accounts on Plesk servers) to reset control panel and ftp account details at the earliest.

          Regards,
          euksud
          Technical Support Department

          Comment

            #6
            Many thanks for sorting this, as usual your excellent support has helped this issue to be resolved quickly and the sites have now recovered.

            Comment

            Previous template Next
            Working...
            X