Author Topic: Infection HTML:Script-inf On Wordpress Site  (Read 2709 times)

0 Members and 1 Guest are viewing this topic.

Offline callum.heaney

  • Newbie
  • *
  • Posts: 1
Infection HTML:Script-inf On Wordpress Site
« on: August 16, 2011, 05:20:30 PM »
I own this WordPress site hXXp://www.aictechnologies.com.au. and Avast! has suddenly stopped me from getting to it.

I get the MALWARE BLOCKED, from webshield with the HTML:Script-inf infection. it also makes reference to hxxp://www.aictechnologies.com.au/|>{gzip}

It only seems to be a issue with avast.

Can anyone help?

Thanks!

« Last Edit: August 16, 2011, 06:27:58 PM by igor »


Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 24630
  • malware fighter
Re: Infection HTML:Script-inf On Wordpress Site
« Reply #2 on: August 16, 2011, 06:03:10 PM »
Here you can read an update to info on
Quote
the malware infection that has been affecting thousands of WordPress sites with the vulnerable timthumb.php script
from: http://blog.sucuri.net/2011/08/update-to-the-superpuperdomain2-com-malware.html (linksource Sucuri Research blog source author: dd http://blog.sucuri.net/author/dd )

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 24630
  • malware fighter
Re: Infection HTML:Script-inf On Wordpress Site
« Reply #3 on: August 16, 2011, 07:01:58 PM »
Hi Pondus,

You were first to post that link, well hope it got noticed. Well with these backdoors it is good when a victim can restore to a back-up before the site was compromised. Never know where the next exploit will come through an existing backdoor. So back up to a known secure restore point, then update your web apllication so the backdoor has been gone,

pol
« Last Edit: August 16, 2011, 11:28:22 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!