Author Topic: HTML: lframe-inf on my webstore. Please help.  (Read 25516 times)

0 Members and 1 Guest are viewing this topic.

Offline jeff.cain

  • Newbie
  • *
  • Posts: 11
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #15 on: March 25, 2009, 08:53:16 PM »
waiting on Yahoo's tech phone call...  I'll let you know if they shed any light on it.

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #16 on: March 25, 2009, 08:55:13 PM »
Good deal.  I hope they can help!
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Offline jeff.cain

  • Newbie
  • *
  • Posts: 11
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #17 on: March 25, 2009, 09:02:40 PM »
They said it is on every Yahoo hosting account and store account.  It is their data collection code and they said they have never had any problems from it.  I don't really have an option to remove it, so I guess it stays.  Sorry to waste you guys time, but again thanks so much for fixing the hack on my store.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 81894
  • No support PMs thanks
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #18 on: March 25, 2009, 09:11:47 PM »
You're welcome.

If they are going to insert code than tell them they should be complying with wc3 HTML standards.

What stats are they gathering (more importantly did they tell you about this and did you agree to it) ?

What did they say about your site being hacked ?

Of course you have a say in it, vote with your feet/wallet and seek out another hosting company and one that remembers their position as a service provider and you being the customer.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.7.2388 (build: 19.7.4674.526)/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline jeff.cain

  • Newbie
  • *
  • Posts: 11
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #19 on: March 25, 2009, 10:19:54 PM »
I started building the site with them in 2004 so I'm sure I agreed to their terms somewhere.  It does state in their privacy policy that I display on my page that they collect data regarding your shopping experience.  As far as voting with my feet, I wish it were that easy.  I built almost the whole store on their yahoo store proprietary software.  I know I could rebuild, but that is all I have been using since 2004 and I already have a non webrelated full time job taking up my time (plus a wife and 3 kids!)  For now it will have to stay with yahoo.  Overall I have been satisified with their service.

Offline jeff.cain

  • Newbie
  • *
  • Posts: 11
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #20 on: March 25, 2009, 10:22:28 PM »
I didn't even ask about being hacked.  I have used the same password for waaaaaaaay too long.  So I'm sure some of that fault rests with me.

Last question- what would that virus have done if any of my customers picked it up?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 81894
  • No support PMs thanks
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #21 on: March 25, 2009, 10:36:18 PM »
The hosting software is also an area which might be exploited, though more common in php sites.

It is a total unknown as to what might have happened as the iframe went to a Chinese domain and there could be absoultely anything at that end as it is executing a cgi script could be benign in that they are trying to display something to tempt customers to part with money or it could be malicious.

There is just no way to find out without leaving yourself open to the exploit and there is no way I would even consider that.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.7.2388 (build: 19.7.4674.526)/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline kubecj

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1123
    • ALWIL Software
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #22 on: March 26, 2009, 10:32:13 AM »
Guys, it looks like you're mixing two things together:

The yahoo counters at the end are BENIGN, and Yahoo is right it's used for their stats.

The chinese iframe at the beginning is DETECTED. You should only remove it and think how it got to your code.
Jindrich Kubec

Offline jebje

  • Newbie
  • *
  • Posts: 3
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #23 on: April 03, 2009, 10:55:57 PM »

I bought hosting from yahoo, and i have the same problem at the moment. After reading everything here i couldn't understand what will i do to fix it.
I am near to crying lol..

Can you say me what to add or what to delete from my pages? "  :'(





Offline kubecj

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1123
    • ALWIL Software
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #24 on: April 03, 2009, 11:03:09 PM »
First please provide us the link to your pages. We are good, but not that good to guess it  ;D 8)
Jindrich Kubec

Offline jebje

  • Newbie
  • *
  • Posts: 3
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #25 on: April 03, 2009, 11:12:58 PM »

Oki :) you are right. Here is my links,

www.cemredesigns.com/index.html

www.cemredesigns.com/shop.html

etc.

Offline kubecj

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1123
    • ALWIL Software
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #26 on: April 03, 2009, 11:18:08 PM »
And, what exactly is your problem? I don't see anything strange there, and avast! does not find anything there.
Jindrich Kubec

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31659
  • malware fighter
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #27 on: April 03, 2009, 11:23:56 PM »
Hi kubecj,

You have turned this into one of your specialism, haven't you? Chapeau! Seen to the 200% increase recently in malicious vectors launched from infected websites, what avast is doing here is really very impressive.

I from my end started some discussion  an initiative here to get more interest for the implementation of CSP, also known as Content Security Policy, a security policy for both browsers (IE, Fx, etc.) and web application(s) to set the framework wherein both browser and service  can communicate secure, so third parties have no chance of breaking in.
Re: http://forums.mozillazine.org/viewtopic.php?f=48&t=1073125

Just have to see who will jump on the bandwagon with CSP, but until the time the initiative is adhered to on a larger scale we will depend on what avast is doing here and also use script/request/preference blockers like NoScript, RequestPolicy and PrefSwitch,

polonus
« Last Edit: April 03, 2009, 11:26:41 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline jebje

  • Newbie
  • *
  • Posts: 3
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #28 on: April 03, 2009, 11:31:12 PM »
oki, it says

!-- text below generated by server. PLEASE REMOVE --><!-- Counter/Statistics data collection code
<script language="JavaScript" src="http://us.js2.yimg.com/us.js.yimg.com/lib/smb/js/hosting/cp/js_source/whv2_001.js"></script><script language="javascript">geovisit();</script><noscript><img src="http://visit.webhosting.yahoo.com/visit.gif?us1238794000" alt="setstats" border="0" width="1" height="1"></noscript>


My page is not that short actually, and only i can see a blank page with a little graphic in left side when i enter my website

Offline kubecj

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1123
    • ALWIL Software
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #29 on: April 03, 2009, 11:34:17 PM »
This is perfectly legal code from yahoo. Nothing malicious.
Jindrich Kubec