Java trojan?

Forum Moderators: open

Message Too Old, No Replies

Java trojan?

Somehow inserted javascript on my home page

akmac

8:51 pm on Jan 5, 2005 (gmt 0)

Pardon my noobness.

I just got a few calls from customers saying that when they visited my home page, it tried to load a trojan onto their computers.

I looked at my index.html and sure enough-there was a little javascript on the bottom of the page that I didn't put there.

I deleted it and reuploaded the page-and it works fine-but I'm worried about what vulnerability exists that would allow it in the first place.

I called my host-ipowerweb-and they said "Admins are aware if it"

Very helpful.

Anyone know how-or if-I can guard against this in the future? It seems to have occurred while I was uploading pages via ftp, but none of the loaded pages were affected.....

kaled

9:07 pm on Jan 5, 2005 (gmt 0)

The following thread might be of interest but it doesn't actually answer your question.

[webmasterworld.com...]

Kaled.

akmac

9:19 pm on Jan 5, 2005 (gmt 0)

So it's probably a server vulnerability?

adni18

12:47 am on Jan 6, 2005 (gmt 0)

Most likely. The best thing you could do is close your website down temporarily, and create maybe a cgi script, redirecting them to a page that says that your website is currently down, due to server issues. The problem with that, is that you would have to host that page on a different server.

akmac

1:13 am on Jan 6, 2005 (gmt 0)

Well, the script only showed up on the homepage, and I deleted it. So, I guess I'll just have to keep a close eye on my index.html for awhile. If it's server side-I've done all I can by notifying them. I think........

rocknbil

2:41 am on Jan 6, 2005 (gmt 0)

Yeah your server was probably hacked. It doesn't mean your service is lame either, even with the best talents available if someone is determined enough, they will get in. The defacing of pages is a signature, really, just to flaunt it in everyone's face. They seem to pick out random ones to munge up.

akmac

5:52 pm on Jan 7, 2005 (gmt 0)

This one just caused a download to begin from another url that I couldn't open-didn't change anything else.

It's frustrating though-luckily my customers alerted me within a few minutes of it beginning and I deleted the script. Thanks for the feedback.

Java trojan?

Somehow inserted javascript on my home page

akmac

kaled

akmac

adni18

akmac

rocknbil

akmac

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week