Website has been hacked and need help?!
-
-
- Shaun Callaghan
- Jr. Rocketeer
- Posts: 28
- Thanks: 0
-
Hello Rockettheme Support
I have a website running on rockettheme and have now found some links hiding in the source code that will affect our google rankings.
We also now cannot update anything on the home page? The code that is hidden in the website is:
<div class="custom" >
<div style="position: absolute; top: -132px; overflow: auto; width: 1759px;">
<h3><strong><a href=" nhacaiuytin.vn/ " style="font-size: 11.63pt;">nha cai uy tin</a></strong> , <em><a href=" nhacaiuytin.net/ " style="font-size: 11.5pt;">nha cai uy tin</a></em> , <em><a href=" 2mevabe.com/ " style="font-size: 11.345pt;">tap chi me va be</a></em> , <em><a href=" casinotructuyen.vn/ " style="font-size: 11.53pt;">casino truc tuyen</a></em> , <a href=" casinouytin.com/ " style="font-size: 11.543pt;">casino uy tin</a> , <a href=" casinototnhat.com/ " style="font-size: 11.5pt;">casino tot nhat</a> , <a href=" danhbai.com.vn/ " style="font-size: 11.5453pt;">danh bai</a> , <a href=" pokeronline.vn/ " style="font-size: 11.533pt;">poker online</a> , <a href=" vietcasino.vn/ " style="font-size: 11.53343pt;">casino</a> , <a href=" congtybaove24h.tv/ " style="font-size: 11.54pt;">bao ve viet nam</a> , <a href=" dichvubaove24h.tv/ " style="font-size: 11.523433pt;">bao ve viet nam</a> , <a href=" tuvansuckhoe.tv/ " style="font-size: 11.553pt;">suc khoe</a> , <a href=" thoitrangnamgioi.biz/ " style="font-size: 11.24524pt;">thoi trang nam 2014</a> , <a href=" tinsuckhoe.biz/ " style="font-size: 11.5756pt;">suc khoe 2014</a> , <a href=" ithoitrangshop.com/ " style="font-size: 11.642pt;">shop thoi trang</a> , <a href=" tintucthoitrang.biz/ " style="font-size: 11.4641pt;">tin tuc thoi trang</a> <a href=" phimclub.net/category/phim-le_id93 " style="font-size: 11.64pt;">phim le</a> , <a href=" thoitranghitech.com/ " style="font-size: 11.6pt;">hi tech</a> , <a href=" thoibaocongnghe.com/news/category/tin-cong-nghe_id1 " style="font-size: 11.643pt;">tin cong nghe</a> , <a href=" www.oa-coordination.org/news/category/cong-nghe_id1 " style="font-size: 11.832pt;">cong nghe</a> , <a href=" tangtruong.net/news/category/thoi-su_id25 " style="font-size: 11.81pt;">thoi su</a> , <a href=" tinmoi360.com/ " style="font-size: 11.6474pt;">tin moi</a> , <a href=" moliy.org/ " style="font-size: 11.68pt;">thoi trang</a> , <a href=" thegioismartphone.org/ " style="font-size: 11.23pt;">the gioi smartphone</a> , <a href=" khoahoccongnghe.net/ " style="font-size: 11.348pt;">cong nghe</a> , <a href=" maytinhbanggiare.org/ " style="font-size: 11.285pt;">may tinh bang gia re</a> , <a href=" smartphoneviet.vn/cat/san-pham/dien-thoai/2 " style="font-size: 11.62523pt;">dien thoai</a> , <a href=" sukientrongngay.net/ " style="font-size: 11.2343pt;">su kien</a> , <a href=" downloadgamemobile.info/ " style="font-size: 11.33pt;">game mobile</a> , <a href=" www.nghesyviet.org/ " style="font-size: 11.64643pt;">nghe si viet</a> , <a href=" www.thegioinhacviet.net/ " style="font-size: 11.4233pt;">the gioi nhac</a> , <a href=" nhacaitotnhat.com/ " style="font-size: 11.671pt;">nha cai</a> , <a href=" mybet.vn/ " style="font-size: 11.63pt;">dien dan bong da</a> , <a href=" 9bestbookies.com/ " style="font-size: 11.1464pt;">best bookies</a>, <a href=" clevermart.vn/ " style="font-size: 11.1873pt;">clevermart.vn</a> , <a href=" goldcare.vn/ " style="font-size: 11.113pt;">goldcare.vn</a> , <a href=" phonereview.vn/ " style="font-size: 11.223pt;">phonereview.vn</a> , <a href=" tinhangngay.vn/ " style="font-size: 11.43789pt;">tinhangngay.vn</a> , <a href=" sieuthisachnoi.com/ " style="font-size: 11.23pt;">sieuthisachnoi.com</a> , <a href=" doctruyentranh.tv/ " style="font-size: 11.53pt;">doctruyentranh.tv</a> , <a href=" sieuthismartphone.vn/ " style="font-size: 11.28903pt;">sieuthismartphone.vn</a> , <a href=" kinhthongminh.org/ " style="font-size: 11.03pt;">kinhthongminh.org</a> , <a href=" thietbithongminh.tv/ " style="font-size: 11.603pt;">thietbithongminh.tv</a> , <a href=" sieuthithietbiso.org/ " style="font-size: 11.63pt;">sieuthithietbiso.org</a> ,</h3>
</div></div>
We do have some knowledge of development but cannot find out where this code came from and how to remove it?
Please could someone assist with this?
-
-
-
- Damir
- Preeminent Rocketeer
- Posts: 22450
- Thanks: 2679
- Web Developer
- Are all of your extensions 100% legit that you are using on your site?
- Available for CUSTOM WORK with Joomla, WordPress and Grav Templates and Gantry Framework!
-
-
-
- Empowermom
- Hero Rocketeer
- Posts: 476
- Thanks: 32
-
You've tried and haven't been able to find the source of your problem. I've had a good experience with MyJoomla site monitoring so far and my security woes are eliminated. I've been "hack free" since I signed up.
Rather than wasting further valuable time attempting to track this prolem down, try a free audit at the site below and see what they come up with. It can only help but it sure won't hurt anything. Link: myjoomla.com/site/is/hacked
Good luck!
-
-
-
- David Goode
- Preeminent Rocketeer
- Posts: 17058
- Thanks: 890
- Web Designer and Host
-
Hi Shaun,
It looks like the traditional injection via an extension that allows uploads (often the 3rd party editor) and you may find they have added the code to the template index.php
The most common exploit is the upload of an infected gif file so I disable gifs form sites whenever possible.
Can you use the 'secure' option above post input to provide me with a temporary Super Admin access please and I will take a look to see what the cause may be.
Thanks
Please search forums before posting. Please make sure your post includes the version of the CMS you are using and a link to the problem. Annotations on screenshots can also be helpful to explain problems/goals. Please use the "secure" tab for confidential information
-
Time to create page: 0.056 seconds