fabcards Posted August 8, 2012 Share Posted August 8, 2012 Not sure if my site has been hacked but when i view the page source at the bottom of most pages i can see links to a load of other sites?....Have i been hacked? How do i remove these links? Are they dangerous? www.fabcards.ie Link to comment Share on other sites More sharing options...
Guest Posted August 8, 2012 Share Posted August 8, 2012 @@fabcards I don't see any signs of hacker activity and the only thing I see loaded remotely is your Google Analytics....... Chris Link to comment Share on other sites More sharing options...
fabcards Posted August 8, 2012 Author Share Posted August 8, 2012 but when i view source at the bottom i get a load of rubbish like <!-- [90cbc035f8d7ea32fbc6434d3ce91443 --><!-- 8428386921 --><a href=javascript:document.getElementById('block28').style.display='block';" title="more"> </a><div id="block28" style="display:none"><ul><li><a href="http://notwriting.com/commentary_111002.htm?cheap_pill=774">how much does mobic cost</a></li><li><a href="http://notwriting.com Lookign at my files on the hosting server i see some files in the catalog/pub directory that i dont see on my local copy. viewed some of these files and inside mentions a pakistan hacker???There are two new folders in there Bomba and Bomba1 and inside these are aload of files with no file type so i cant seem to do anything with them...download nor delete.....am i safe enough to delete these folders or could this bring down my site altogether? Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted August 8, 2012 Share Posted August 8, 2012 It does look like you have been hacked. There are loads of posts listing what you need to do to cleanse your site and block the known route the hackers can use on unsecured site. I have PM'd some usefull info. Cheers G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Guest Posted August 8, 2012 Share Posted August 8, 2012 @@fabcards Odd, I don't see it when I view your source............ Chris Link to comment Share on other sites More sharing options...
fabcards Posted August 8, 2012 Author Share Posted August 8, 2012 this is a page im viewing the source of http://fabcards.ie/oscommerce2/catalog/product_info.php?cPath=22_35&products_id=63. Maybe its only on some pages Link to comment Share on other sites More sharing options...
germ Posted August 8, 2012 Share Posted August 8, 2012 A few years ago there was a hack going around that only displayed the hack links if you were a web bot indexing a site. The hack had the IP addresses of all the major search engines and only spit out the extra links if the IP of the visitor matched one on their list. The only way for the "average joe" to see the links was to view g00gle's cache of the site. Somehow the cache isn't always available on g00gle now like it was a few years ago. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
germ Posted August 8, 2012 Share Posted August 8, 2012 this is a page im viewing the source of http://fabcards.ie/oscommerce2/catalog/product_info.php?cPath=22_35&products_id=63. Maybe its only on some pages Definitely hacked. :( If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
fabcards Posted August 8, 2012 Author Share Posted August 8, 2012 any idea of how it can be removed? Link to comment Share on other sites More sharing options...
germ Posted August 8, 2012 Share Posted August 8, 2012 Find the hack file(s) and remove it(them). If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
fabcards Posted August 9, 2012 Author Share Posted August 9, 2012 Looking at my files on the hosting server i see some files in the catalog/pub directory that i dont see on my local copy. viewed some of these files and inside mentions a pakistan hacker???There are two new folders in there Bomba and Bomba1 and inside these are aload of files with no file type so i cant seem to do anything with them...download nor delete.....am i safe enough to delete these folders or could this bring down my site altogether? I dont want to risk downloading the folders to my local computer but am afraid if i delete i may mess up my whole website???? Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted August 9, 2012 Share Posted August 9, 2012 You can always zip up your site and keep a "security" copy. But if "someone" had added them you definately don't want to keep them on your server. Cheers G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.