Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Avast and malicious software in email
Message
From
25/03/2008 16:55:43
Al Doman
M3 Enterprises Inc.
North Vancouver, British Columbia, Canada
 
General information
Forum:
Politics
Category:
Other
Title:
Re: Avast and malicious software in email
Miscellaneous
Thread ID:
01305244
Message ID:
01305468
Views:
6
>Thank you. I have just sent a message to the site support if I can use non-alph-numberic characters in my password.
>
>Today I was doing more investigation and came up with another possibility. My site URL is very close (the same almost) with a Canadian rock group. I have a formal agreement with them (cost me dearly) to allow each other to operate. From their MySpace I just saw, they have tons of fans, teen girls and boys. Maybe somebody got upset that I am "occupying" their web site and wanted to pester me. It is possible, I guess. Anyway, I will be changing the password today and will be bugging Google to remove the warning message.

Dmitry, I don't think you're taking this seriously enough.

You got hacked. You don't know how you were hacked. Your website and the software stack it runs on is no longer trustworthy.

http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx (old, but still totally relevant)

At this point you have no idea what backdoor software may have been installed, any hidden administrator accounts that have been created that give the remote hacker/botnet complete control of your site and computer no matter what you do with your account/password, etc. etc.

What happens next depends on your relationship to your ISP/Web host:

- if you own and have complete control over the server (e.g. you're colocating or have a dedicated server) there's a good chance you'll have to rebuild your server from scratch

- if your host is providing you a Windows/IIS/ASP.Net platform, and you're just supplying your site on top of that, your life is probably much easier. It's up to your host to ensure that Windows/IIS/ASP.Net are clean and patched, and you reload your repaired site after setting up strong passwords on any account you use to do so. You'll want assurance from your host that the software stack they're supplying is patched against current threats

If your site starts serving up the malicious script again, because you didn't address the real cause of the hack, Google will probably blacklist you forever.
Regards. Al

"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov

Neither a despot, nor a doormat, be

Every app wants to be a database app when it grows up
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform