A website I visit often, hxxp://twofreelinks.com, and just now Avast real time protection alerted me of the iFrame virus that was blocked and I now see it in the virus chest.
I would like to alert the site owner, I am sure he has no clue, how can I do that safely, or verify that this site is really infected?
Trusted is a term not very reliable these days with many sites being hacked daily, you only have to take a look in these forums to see that for iframe detections.
There is a 1 pixel X 1 pixel iframe injected right into a sentence (very strange/suspicious), that is pretending to be a web stats function. See image, I have broken the line to make it easier to see.
So it looks like this site has been hacked.
An email to webmaster (at) the site-name (dot) com normally gets through, but there are no guarantees that will work. I did a whois check for the twofreelinks.com domain name (see image2) and that gives some contact information, an email address after the mailto: I have obscured the personal details. The technical contact is the same.
Thanks so much, I actually found the owner on another forum where I had actually interacted with him before and so I sent him an email with the details, hopefully he will find a way to clean it up.
This is really scary as I am a webmaster of over 15 sites, are there any recommendations that you have to better protect my own sites besides what my hosting provider does? I mean any type of scripts, software or webmaster firewalls?
I am very much a code novice so these types of issues are new to me.
Many of these hacks involve exploiting vulnerabilities in old versions content management software, PHP, WordPress, SQL, etc. so you need to ensure that there are the latest. However in most cases this should be the Hosts responsibility.
You really need to talk to your Host tell them one of your sites has been hacked and ask advice how they/you can prevent it happening again.
Hi I just signed up to say that AMDZone has also been hit with this.
Luckily the warning that Avast puts up when I started the AV for a scan on my pc led them to the culprit.
There certainly was a script that contained iframe.
Yes this is one of the fast growing means of infection now. Were in the past people used to exercise safe hex, not visiting exotic/suspect sites, now even what were considered trusted sites are being hacked.
Fortunately for avast users, avast is all over it like a rash.
I'm not English-native but are you saying that it's a bad thing have avast and it's compared to have a spider in your bath without noticing it?
Well, from reading Mr. Agent’s previous posts, it seems that he’s not an english-speaking native either, and his analogy doesn’t make much sense to me either, (as a native english-speaking person).
I would figure that that’s what he means though.
I just realized that he explained himself after this, so sorry for my interjection.