Journal #7436

Posted 13 years ago2011-10-12 17:51:20 UTC
I periodically visit the web sites I manage to make sure everything is going well. It's generally always the same and thus a rather boring activity. But yesterday I found one of them had been altered.

An <iframe> to an external site (something like aiowfuhewqifumalwieucfhnalwu.in/something.php) was planted in it. Not only on visible pages, also on test pages that were never linked to. The easiest way to fix them would be to reupload all the files again from my hard drive, so I started FileZilla, and found out a shitton of random asp pages (that linked to more spam) had been also uploaded.

Looked up the internet and the most likely cause was that my ftp password had been stolen. But... how? I've never given it to anyone.

Then I remembered. Assuming it had been this, it was safe to change the password and all would be good again.

Moral of the story: Change all passwords after all your internet traffic has been diverted through someone else's computer.

5 Comments

Commented 13 years ago2011-10-12 19:13:47 UTC Comment #62270
Excuse me, have I just been sent back in time by some mysterious force or the comments to this journal got deleted?

[EDIT] Nevermind, I was tricked by my memory. I clicked the link in this journal and then I 'recorded' the fact of this journal having comments because the other journal had. Then after coming back to TWHL I was confused to see your journal with 0 comments.
Commented 13 years ago2011-10-12 20:33:25 UTC Comment #62269
you can use my computer stu, i promisso i shan't steal your seekrits with my keylogger.. =)
Commented 13 years ago2011-10-12 21:54:01 UTC Comment #62267
I do that.
as soon as i THINK i might have a virus, i use a different computer (phone mostly) to change passwords, email, amazon, youtube, twhl... god forbid someone stole my TWHL identity :-o
Commented 13 years ago2011-10-14 05:33:05 UTC Comment #62268
I like my post.
Commented 13 years ago2011-10-17 18:58:50 UTC Comment #62271
I like Skals' post.

You must log in to post a comment. You can login or register a new account.