Finding proof of server being compromised by Black Hole Toolkit exploit
Posted
by
cosmicsafari
on Server Fault
See other posts from Server Fault
or by cosmicsafari
Published on 2012-12-11T10:04:38Z
Indexed on
2012/12/11
11:05 UTC
Read the original article
Hit count: 269
I recently took over maintenance of a company server. (Just Host, C Panel, Linux server), theres a tonne of websites on it which i know nothing about. It had came to my attention that a client had attempted to access one of the websites hosted on this server and was met with a warning from windows defender.
It had blocked access because it said the website had been compromised by the Black Hole Toolkit or something to that effect.
Anyway I went in and updated various plugins and deleted some old suspect websites.
I have since ran the website in question through a few online malware scanners and its comes up clean everytime. However im not convinced.
Do any of you guys know extensive ways i can check that the server isn't still compromised. I have no way to install any malware scanners or anti virus programs on the server as it is horribly locked down by Just Host.
© Server Fault or respective owner