Hidden Iframe Injection Attack
During recent weeks, my site was being infected by iframe injection attack.
Firstly i would like to thanks ZIZZYBOB for informing me that he could not drop on my entrecard widget due to my website being redirected to another one.
I opened my browser to check my site and yes, it was being redirected. I then downloaded and scanned all my files but there wasn’t any virus. Then i checked the codes and found some iframe codes only in the index page. I deleted it and replaced the index page on the server but to my surprise, the next day the index page was reinfected by iframe codes.
Then i started searching on the net and found some interesting information on the blog of Niyaz PK. I followed his intructions step by step and hopefully everything is back to normal now. I have even uploaded the php file that he coded. It help me everyday to check if there is any iframe injection in any files on the server.
Please comments on your experiences you have had on iframe injection attack. I would be please to read how you have managed to prevent it from happening again.
Tagged with: attack • codes • experiences • ftp • hacks • iframe • index • information • injection • instructions • prevent • redirect • scan • searching • server • surprise • virus
Filed under: Virus/Iframe
Like this post? Subscribe to my RSS feed and get loads more!
That’s scary. Whoever is doing that, I send you Kindness and Peace. That type of person surely could use some. You too, Isker.
At the top of your blog pages, I do see the following message:
Warning: stristr() [function.stristr]: Empty delimiter in /home/iskerb1z/public_html/blog/wp-content/plugins/all-in-one-seo-pack/aioseop.class.php on line 122
Warning: stristr() [function.stristr]: Empty delimiter in /home/iskerb1z/public_html/blog/wp-content/plugins/all-in-one-seo-pack/aioseop.class.php on line 122
P.L. Frederick´s last blog ..But Can It Beat My $200 Horse?
That’s sad. I hope I don’t get one in the future. Me too, I see that kind of message. Hope you fix it soon!
Bogcess´s last blog ..Logitech Irrevocably Bared Squeezebox Touch and Radio
These two warnings came after upgrading the plugin “all-in-one-seo-pack”. Now I have replace it with a previous version.
thanks, nice info, please visit my blog h**p://share-free-tutorial.blogspot.com
I Drop U EC
Were you using iframe tags within your blog, or were they injected there?
Dragon Blogger´s last blog ..Dutch “Moon Rock” is a Fake
Clicked your spinning wheel.
Glad to see you post again.
Laane´s last blog ..Unconscious Mutterings week 345
@Dragon Blogger
The iframe tags were injected there.
@Laane
Thanks.
Hi Dear
Dropping by to say hi and to see what is new over here on your side of the world and things seem great as always
Will just be reading here for a while 
Hope that your week is continuing to be a fabulous one and stress free.
Take care always,
Metz
In the mean time come and visit my virtual streets
Empty Streets 1027 http://emptystreets27.blogspot.com
1027 Music Central http://1027mc.blogspot.com
Metz’s Secret Garden http://metzsecret.blogspot.com
Call Center Life: http://bpo27.blogspot.com
Metz´s last blog ..Launching 1027 Music Central
Hi;
Thank you for your tips. However, my computer seems completley weird..not only my blog http://www.tarot-solutions.blogspot.com
Is anything you suggest I should do?
Please help..
you can email me too
I tried to check for iframe but i do not know exactly where to look for it- in my blog.
I hope you can help me..
cheers for the great posts!
This is the first time I heard about this kind of injection. My friend also experienced the same thing but she discovered that this is because of the ad script she installed on her blog.
Good for you that you able to solve it.
onlinemommy´s last blog ..Change in November 27-28 Holiday
How does the attacker injects the iframe codes?