Home > Announcements

So that was called a malware iframe insertion attack

By Johnna Ferguson

If you visiting our site  during certain hours this week, you may have been warned by your browser that our site was not safe to visit. malware When you get a warning like that, I’d advise you to believe it.

Don’t override a malware warning and visit the site anyway. Even those of you on a Mac.

Yup, we were hacked. The third party was able to do an iframe insertion, was basically opening an one-pixel size window on our site (therefore invisible to you) which ran some code from their site in the tiny window. No, I don’t know what the code did.

So on Tuesday and Wednesday, I’d delete their code frame, and they’d break in again later and put it back, but only once or twice a day. I tightened up my file permissions, changed FTP passwords, and finally managed to close their access.

We’re all clean now.  Google verified our site last night and took us off their suspicious sites list.

So, that was our adventure. Hope it wasn’t yours.

About Johnna Ferguson

Johnna Ferguson joined Segullah in 2005 and designed and managed all its websites until 2010. Any day she rides her bike is a good day.

4 thoughts on “So that was called a malware iframe insertion attack”

  1. Anyone want to throw in a word for their hosting provider? Mine doesn't have SFTP and I no longer think I can do without it.

    I'm webmaster AT segullah DOT org.

    Reply

Leave a Comment