Author Topic: my site zappiertech.com is redirected to http://mercurytutors.com/stats.php  (Read 3335 times)

0 Members and 1 Guest are viewing this topic.

Offline sunilkumarpkerala

  • Newbie
  • *
  • Posts: 2
my site zappiertech.com is redirected to mercurytutors.com/stats.php, and avasta giving an error message as JS:Redirector-YD
. Please help me to solve this issue. It is a wordpress site. It is really urgent .
« Last Edit: July 31, 2012, 10:38:04 AM by sunilkumarpkerala »

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35858
edit your post and topic title and make the links no clckable to avoid accident clicking



we cant solve it, only the site owner can

sucuri - blackhole detection
http://sitecheck.sucuri.net/results/zappiertech.com
sucuri malware info
http://labs.sucuri.net/db/malware/malware-entry-mwexploitkitblackhole1.php

urlquery - listed at Snort and sucuritata emerging threats
http://urlquery.net/report.php?id=108738

unmasparasites detect redirect.   http://www.unmaskparasites.com/
to suspicious site.
http://www.unmaskparasites.com/web-page-options/?url=http%3A//mercurytutors.com/stats.php&susp=1



« Last Edit: July 31, 2012, 10:44:51 AM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Online polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31546
  • malware fighter
Wordpress internal path: /home/amrithd/public_html/zappiertech.com/wp-content/themes/TheProfessional/index.php
WordPress version outdated: Upgrade required - Note that any PHP, JS or .htaccess could be compromised by this type of malware.
The location line in the header above has redirected the request to: htxp://mercurytutors.com/stats.php
Content returned: 1: No input file specified.
This is important information from sucuri:
http://labs.sucuri.net/?details=mercurytutors.com
URLs and sub domain distributing the malware or acting as a redirector,
found as http://labs.sucuri.net/db/malware/malware-entry-mwhta7
attack uses the .htaccess file to redirect users to a site serving malware (or spam).
In some cases, the index.php is also modified to do the redirection as well

polonus
« Last Edit: July 31, 2012, 11:13:22 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
    • The WAR Against Malware
Hi sunilkumarpkerala,

Similar problem here: https://badwarebusters.org/main/itemview/29830

~!Donovan

Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
    • The WAR Against Malware
@sunilkumarpkerala

You are running on Apache. You can either edit your .htaccess file(s) or delete them to start off fresh.
http://wiki.apache.org/httpd/Htaccess
http://www.htaccess-guide.com/
http://www.makeuseof.com/tag/how-to-easily-create-and-edit-htaccess-file-for-your-site/
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."