Malware on a client's website - Ideas?
Posted
by Jeriko
on Stack Overflow
See other posts from Stack Overflow
or by Jeriko
Published on 2010-05-25T14:03:06Z
Indexed on
2010/05/25
14:11 UTC
Read the original article
Hit count: 177
We recently got a call from one of our clients, complaining that their site has some "strange looking code" at the bottom of the page. We checked out the source code, and discovered that about 800 bytes of malicious javascript code had been appended to the templates/master
file, after the </html>
tag. I won't post said code because it looked particularly nasty.
As far as I can tell, there would be no way for this file to be edited in any way, unless someone had direct access to the server and/or FTP login details. The actual file itself has been modified, so that rules out any kind of SQL attack. Besides a person physically gaining credentials and hand-modifying this file, would there be any other logical explaination for what happened? Has anyone else had experience with something like this happening?
© Stack Overflow or respective owner