>Thank you. I have just sent a message to the site support if I can use non-alph-numberic characters in my password.
>
>Today I was doing more investigation and came up with another possibility. My site URL is very close (the same almost) with a Canadian rock group. I have a formal agreement with them (cost me dearly) to allow each other to operate. From their MySpace I just saw, they have tons of fans, teen girls and boys. Maybe somebody got upset that I am "occupying" their web site and wanted to pester me. It is possible, I guess. Anyway, I will be changing the password today and will be bugging Google to remove the warning message.
Dmitry, I don't think you're taking this seriously enough.
You got hacked. You don't know how you were hacked. Your website and the software stack it runs on is no longer trustworthy.
http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx (old, but still totally relevant)
At this point you have no idea what backdoor software may have been installed, any hidden administrator accounts that have been created that give the remote hacker/botnet complete control of your site and computer no matter what you do with
your account/password, etc. etc.
What happens next depends on your relationship to your ISP/Web host:
- if you own and have complete control over the server (e.g. you're colocating or have a dedicated server) there's a good chance you'll have to rebuild your server from scratch
- if your host is providing you a Windows/IIS/ASP.Net platform, and you're just supplying your site on top of that, your life is probably much easier. It's up to your host to ensure that Windows/IIS/ASP.Net are clean and patched, and you reload your repaired site after setting up strong passwords on any account you use to do so. You'll want assurance from your host that the software stack they're supplying is patched against current threats
If your site starts serving up the malicious script again, because you didn't address the real cause of the hack, Google will probably blacklist you forever.
Regards. Al
"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov
Neither a despot, nor a doormat, be
Every app wants to be a database app when it grows up