VirtueMart Forum

VirtueMart 1.1.x [ Old version - no longer supported ] => Security (https) / Performance / SEO/ SEF issues VM 1.1 => Topic started by: ricardopraia on September 09, 2012, 19:30:18 pm

Title: Code injection HELP!!!
Post by: ricardopraia on September 09, 2012, 19:30:18 pm
I'm having much problems with a code injections on virtuemart and the site is temp "banned" by google.
I run joomla 1.5.26 and virtuemart 1.1.9

the site is semillasjadiberica.com

I test it in webmaster tools and give me some code injections on some files of the virtuemart default theme.

How ca i stop this? Anybody can help me?

Thanks
Title: Re: Code injection HELP!!!
Post by: stinga on September 10, 2012, 14:48:54 pm
need examples. I have not heard of google banning sites due to code injection
Title: Re: Code injection HELP!!!
Post by: magj on October 08, 2012, 11:12:57 am
Hi

I think you mean JS malware codes which infects javascript files and forces the end user to instal malicious software.

Many things could cause this, Vulnerable Server/OS , or extensions , misconfiguration , etc. AND it may be or(IMHO) may not be related to the Virtuemart.

The best thing you can do is a restoration of your files (because it could be more than just a js code injection). changing every password for your server (ftp/db,etc....).

Or you can at least scan your javascript files which are infected (use view source and open every .js file loaded in the page ) look for suspicious(encrypted) code (most of times in the end of file most of time between /* A RANDOM NUMBER */ SOME MALICOUS ENCRYPTED CODE  /* THE SAME RANDOM CODE*/

Alternatively you can scan your site using: sucuri.net

and clean them or replace by original files.

After that you can just request a review in Google Webmaster Tools and most of time if you clean your site google will review it in less than 24 hours and everything would be fine. EXCEPT: you should find which vulnerability caused your site to be js injected!

and there is no "A QUICK WAY TO SECURE MY SITE in 24 HOURS" out there , But :Joomla Security Checklist http://docs.joomla.org/Category:Security_Checklist (http://docs.joomla.org/Category:Security_Checklist) is a good start.


Regards
magj
Title: Re: Code injection HELP!!!
Post by: CrS27 on October 22, 2012, 13:00:13 pm
your website security might have been compromised by multiple things, but what was overlooked in the previous post was brute force attacks. They are applied in order to break into your site by finding your login credentials. It means, the whole dictionary database can be run in order to find a match. So, if you're using simple username or password, you can have your site hacked easily. You may have a look at this posthttp://bit.ly/TrWMEv (http://bit.ly/TrWMEv) with some more info on security and preventing hacking attacks.
I believe, security is too serious issue to be taken easily.