Welcome to WebmasterWorld Guest from 54.221.28.179

Forum Moderators: open

Message Too Old, No Replies

bs.serving-tracking.com javascript injection

How does it get onto the site?

     

jastra

2:42 pm on Jan 11, 2012 (gmt 0)

5+ Year Member



Does anybody have experience with the bs.serving-tracking.com javascript injection?

I have a site that was reported by Google to be infected with the above code. In Webmaster Tools they gave an example of at least one page where the code was found.

Unfortunately for me (I don't know javascript) the code does not appear on any page when viewed live on the server-- it's only visible in the browser's VIEW > SOURCE.

So it is getting injected from some unknown file, and I still can't find it. The client, of course if apopleptic and I forsee hours of digging.

This site and a couple of others was hacked through Filezilla's XML password file. Javascript was only inserted into the first line of the index page. I changed the FTP password and that stopped. This latest episode (on only one of the 4 previously infected sites) may or may not be related.

I changed the FTP password and do NOT save them to the Filezilla site manager file any longer.

There is an email contact form on the site.

Any suggestions please?

penders

3:50 pm on Jan 11, 2012 (gmt 0)

WebmasterWorld Senior Member penders is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



This site and a couple of others was hacked through Filezilla's XML password file.


Where is this password file?

jastra

4:05 pm on Jan 11, 2012 (gmt 0)

5+ Year Member



penders, I sticky mailed you with a URL where I read of this issue.

penders

5:00 pm on Jan 11, 2012 (gmt 0)

WebmasterWorld Senior Member penders is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



The reason for my question is that this password file should be stored on your local machine - which I believe it is. If your sites have been hacked through access to this file then it sounds as if your computer has been infected with malware/virus!?

Whilst there is a potential vulnerability in Filezilla's XML files, this is only a problem if the host computer has been hacked.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month