Hacked site recovery

Hacked site recovery

by Glen Page -
Number of replies: 4

I have a hacked moodle site. I think it is running 1.8 or 1.9. Users started getting a Google Message that says "Warning: Visiting this site may harm your computer" with a long bit of text saying that the site may contain malware. If you click Ignore Warning you get to the log in screen but if you put in your UID and PW, you get bounced back to the same warning. Ignore it again and you are back to the Google warning. Matters not what user name I try, same results.

I investigated and found a LOT of http redir files and removed everything that was not Moodle related but I still can't get logged in to Moodle so that I can backup and upgrade.

Open to ideas.

Thanks,

 

Glen Page

Average of ratings: -
In reply to Glen Page

Re: Hacked site recovery

by Jesse Diller -

I assume you're using Chrome?  I suggest using a different browser; you may have to turn off the 'site checker' feature in IE...

Average of ratings: -
In reply to Jesse Diller

Re: Hacked site recovery

by Glen Page -

This was on Firefox and Safari both. I cleaned the site and submitted it to Google for review. I am now back in and getting ready to backup and upgrade.

Average of ratings: -
In reply to Glen Page

Re: Hacked site recovery

by Jesse Diller -

Yeah, Mauno is right; if you're not using Chrome, the message isn't coming from the browser. Then most likely the site/PC was infected... make sure to let your users know they need to check their computers for infection as well!

- Jesse

Average of ratings: -
In reply to Glen Page

Re: Hacked site recovery

by Mauno Korpelainen -

Glen,

most likely your site - and your PC -  is infected by some new or old gumblar type virus. If your virus detection does not give any detection info you could try to add your site address to test form of http://www.unmaskparasites.com/

You may need some help from your host in cleaning of your site & home computer (possible malware) - and new ftp passwords etc.

Check also http://www.unmaskparasites.com/malware-warning-guide/

Average of ratings: -