Journal #6707

Posted 9 years ago2010-08-12 15:55:40 UTC
Habboi HabboiSticky White Love Glue
Question to the technical people out there.

I got a call from a client saying her stock list wasn't updating on the websites FTP so I check it out to find a block from AVG saying the site is infected with a JS/REDIR.

I find out the index file is infected or rather, there's code in there that probably leads people to some porn site.

My question is how did that get on there? The only person who accesses it is the client. Is it possible there's a virus on her PC that is programmed to access FTP's and replace the index file?

edit

Might want to add that I replaced the index with an old one from my HD and all is fine. I just want to know how it got on there.

4 Comments

Commented 9 years ago2010-08-12 16:00:16 UTC Comment #44557
Could it be possible the host themselves are infected with something?
Commented 9 years ago2010-08-12 16:11:25 UTC Comment #44558
Doubtful since my site is fine and I use the same host. Unless by some mere chance a virus did get into the host and only target my clients website @_@
Commented 9 years ago2010-08-12 16:14:30 UTC Comment #44560
Notify the hosting provider so they can take action?

It probably came from the client. Clients are often unaware of anything that goes on within computers.
Commented 9 years ago2010-08-13 08:17:41 UTC Comment #44559
Ok so it seems whatever did this added some HTML files and two images with viagra adverts in them. Hmmmm.

You must log in to post a comment. You can login or register a new account.