Invisible Malicious Code
-
The blog I manage is hacked. Somewhere in the style sheet or html is the following malcode:
<body><div style="position:absolute;left:-1031px;top:-505px"><a href="https://giapet.net/?otq=vardenafil">Vardenafil</a> <a href="https://giapet.net/?otq=tramadol-no-prescription">Tramadol no prescription</a> <a href="https://giapet.net/?otq=work-at-home">Work at home</a> <a href="https://giapet.net/?otq=debt-consolidation-service">Debt consolidation service</a> <a href="https://giapet.net/?otq=notary-public">Notary public</a> <a href="https://giapet.net/?otq=oxycontin">Oxycontin</a> <a href="https://giapet.net/?otq=prescriptions">Prescriptions</a> <a href="https://giapet.net/?otq=pokerstars">Pokerstars</a> <a href="https://giapet.net/?otq=easy-payday-loan">Easy payday loan</a> <a href="https://giapet.net/?otq=propecia-online">Propecia online</a> <a href="https://giapet.net/?otq=aciphex-20mg">Aciphex 20mg</a> <a href="https://giapet.net/?otq=soma-carisoprodol">Soma carisoprodol</a> <a href="https://giapet.net/?otq=payday-advance-loan">Payday advance loan</a> <a href="https://giapet.net/?otq=pay-off-debt">Pay off debt</a> <a href="https://giapet.net/?otq=casino-online">Casino online</a> <a href="https://giapet.net/?otq=myspace">Myspace</a> <a href="https://giapet.net/?otq=lansoprazole">Lansoprazole</a> <a href="https://giapet.net/?otq=free-slot-sites">Free slot sites</a> <a href="https://giapet.net/?otq=order-cialis">Order cialis</a> <a href="https://giapet.net/?otq=cosmotology">Cosmotology</a> <a href="https://giapet.net/?otq=classic-car-insurance">Classic car insurance</a> <a href="https://giapet.net/?otq=veterinary">Veterinary</a> <a href="https://giapet.net/?otq=order-ultram">Order ultram</a> <a href="https://giapet.net/?otq=buy-celexa">Buy celexa</a> <a href="https://giapet.net/?otq=credit-debt-consolidation">Credit debt consolidation</a> <a href="https://giapet.net/?otq=tramadol-buy-online">Tramadol buy online</a> <a href="https://giapet.net/?otq=get-phentermine">Get phentermine</a> <a href="https://giapet.net/?otq=tramadol">Tramadol</a> <a href="https://giapet.net/?otq=food">Food</a> <a href="https://giapet.net/?otq=buy-wellbutrin">Buy wellbutrin</a> <a href="https://giapet.net/?otq=pathology">Pathology</a> <a href="https://giapet.net/?otq=duromine-(brand-ionamin)">Duromine (Brand Ionamin)</a> <a href="https://giapet.net/?otq=party-poker-bonus-code">Party poker bonus code</a> <a href="https://giapet.net/?otq=casino-game">Casino game</a> <a href="https://giapet.net/?otq=prilosec">Prilosec</a> <a href="https://giapet.net/?otq=buy-avandia">Buy avandia</a> <a href="https://giapet.net/?otq=debt-solution">Debt solution</a> <a href="https://giapet.net/?otq=term-life-insurance">Term life insurance</a> <a href="https://giapet.net/?otq=party-poker-bonus">Party poker bonus</a> <a href="https://giapet.net/?otq=universities">Universities</a> <a href="https://giapet.net/?otq=xanax-brand">Xanax Brand</a> <a href="https://giapet.net/?otq=stomach">Stomach</a> <a href="https://giapet.net/?otq=allegra">Allegra</a> <a href="https://giapet.net/?otq=cialis">Cialis</a> <a href="https://giapet.net/?otq=order-carisoprodol">Order carisoprodol</a> <a href="https://giapet.net/?otq=phlebotomy">Phlebotomy</a> <a href="https://giapet.net/?otq=terbinafine">Terbinafine</a> <a href="https://giapet.net/?otq=bingo">Bingo</a> <a href="https://giapet.net/?otq=ambien-generic">Ambien generic</a> <a href="https://giapet.net/?otq=viagra-online-pharmacy">Viagra online pharmacy</a> <a href="https://giapet.net/?otq=what-is-adipex">What is adipex</a> <a href="https://giapet.net/?otq=fluoxetine">Fluoxetine</a> <a href="https://giapet.net/?otq=state">State</a> <a href="https://giapet.net/?otq=tenuate-diet-pill">Tenuate diet pill</a> <a href="https://giapet.net/?otq=auto-insurance-company">Auto insurance company</a> <a href="https://giapet.net/?otq=life-insurance-quote">Life insurance quote</a> <a href="https://giapet.net/?otq=soma-buy-online">Soma buy online</a> <a href="https://giapet.net/?otq=life-insurance-lead">Life insurance lead</a> <a href="https://giapet.net/?otq=internet-bingo">Internet bingo</a> <a href="https://giapet.net/?otq=hydrocodone-prices">Hydrocodone prices</a> </div>In the editor section of my dashboard, I can find where the source code claims it is, which is as follows:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="https://www.w3.org/1999/xhtml"> <head profile="https://gmpg.org/xfn/11"> <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" /> <meta name="distribution" content="global" /> <meta name="robots" content="follow, all" /> <meta name="language" content="en, sv" /> <title> <?php bloginfo('name'); ?> <?php wp_title(); ?> </title> <meta name="distribution" content="global" /> <meta name="robots" content="follow, all" /> <meta name="language" content="en, sv" /> <meta name="generator" content="WordPress <?php bloginfo('version'); ?>" /> <!-- leave this for stats please -> <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="<?php bloginfo('rss2_url'); ?>" /> <link rel="alternate" type="text/xml" title="RSS .92" href="<?php bloginfo('rss_url'); ?>" /> <link rel="alternate" type="application/atom+xml" title="Atom 0.3" href="<?php bloginfo('atom_url'); ?>" /> <link rel="pingback" href="<?php bloginfo('pingback_url'); ?>" /> <?php wp_get_archives('type=monthly&format=link'); ?> <?php wp_head(); ?> <style type="text/css" media="screen"> <!- @import url( <?php bloginfo('stylesheet_url'); ?> ); --> </style> </head> <body> <div id="wrap"> <div id="logo" onclick="location.href='https://wo.ala.org/districtdispatch';" style="cursor: pointer;" title="District Dispatch"> </div>but, that code I can access doesn’t display or allow me to remove the malcode. Any help?
- The topic ‘Invisible Malicious Code’ is closed to new replies.