MODX based site has been compromised, and tagged by Google as malware

Posted by JAG2007 on Pro Webmasters See other posts from Pro Webmasters or by JAG2007
Published on 2011-03-08T01:40:32Z Indexed on 2011/03/08 8:19 UTC
Read the original article Hit count: 310

Filed under:

security

|

malware

I'm the webmaster (inherited the site from the developer) for a site called kenbrook.org. The site is currently being tagged as malware infected by Google, and gives the following details: http://www.google.com/safebrowsing/diagnostic?site=kenbrook.org

Sadly, this is the second time it has occurred. I posted the issue when it happened last year originally on Stackoverflow on this post, shortly after I inherited the site. At the time the fix was a simple removal of a few lines of code from a .js file, but I never did discover or resolve the vulnerability.

The site is built on MODX, which neither I, nor the original builder, have any familiarity with. I've tried to check for security updates from MODX, but updating that software has been a real pain also.

Sooo...what's my next step to getting this whole issue resolved? Or steps?

© Pro Webmasters or respective owner

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More

Related posts about malware

Open dns still detects malware activity after having scanned and removed malware

as seen on Super User - Search for 'Super User'
I'm using open dns to block unwanted sites. Everytime I go to the dashboard I always see this malware activity in all of the networks that I have in open dns. What do I do?I'm using avast free, spybot, and sas. And used them all to full scan the system. And they have removed the malware. But I still… >>> More
HTG Explains: Do Non-Windows Platforms Like Mac, Android, iOS, and Linux Get Viruses?

as seen on How to geek - Search for 'How to geek'
Viruses and other types of malware seem largely confined to Windows in the real world. Even on a Windows 8 PC, you can still get infected with malware. But how vulnerable are other operating systems to malware? When we say “viruses,” we’re actually talking about malware in general… >>> More
How to Use An Antivirus Boot Disc or USB Drive to Ensure Your Computer is Clean

as seen on How to geek - Search for 'How to geek'
If your computer is infected with malware, running an antivirus within Windows may not be enough to remove it. If your computer has a rootkit, the malware may be able to hide itself from your antivirus software. This is where bootable antivirus solutions come in. They can clean malware from outside… >>> More
Not All “Viruses” Are Viruses: 10 Malware Terms Explained

as seen on How to geek - Search for 'How to geek'
Most people seem to call every type of malware a “virus”, but that isn’t technically accurate. You’ve probably heard of many more terms beyond virus: malware, worm, Trojan, rootkit, keylogger, spyware, and more. But what do all these terms mean? These terms aren’t just… >>> More
Keep Malware Off Your PC With Sandboxie

as seen on Internet.com - Search for 'Internet.com'
Malware can infect your PC from anywhere on the Web. Sandboxie, a free application, blocks it. >>> More