It's not random.. the bad guys either have your login info (you did change it from another computer didn't you?) and or they are using "bots" to search WP sites for vulnerabilities.. the attack you had this time may be a different one, from a different group.. there are a million scenarios.. Debbie
At 05:29 PM 11/12/2008, you wrote: >Thanks for your help guys - after review last night I was un-badded >again... But It's really a bit concerning to me - I check all my >comments as they come in, and I have checked all my wordpress files >and they seem clean (and at least unmodified for a long time!) - It IS >an old (highly modified) version of wordpress (I try to keep up with >security issues, but it's certainly possible I've missed something. > >My question is - why would it be "random" - My site was deemed to have >badware, I request review, it gets "okay"-ed. 5 months later - a >repeat. (and the 20 or so emails and DM's I get from people letting me >know ;) > >Do you guys know of some kind of badware attacks that just sit dormant >for 5 months?! Any suggestions on what I might check to prevent this >from happening again in April 2009? ;) > >Thanks again! > >On Nov 12, 3:59 pm, Mr Speaker <[EMAIL PROTECTED]> wrote: > > Hi, my site (http://mrspeaker.webeisteddfod.com/) has been flagged by > > stopbadware again. Last time (about 5 monts ago) I was forced to join > > up google webmaster things to request a "review". Within a few hours > > my site was deemed un-bad again, but with no details on why they > > thought it was bad. > > > > I don't have any ads, or third-party stuff on my blog, but I do have > > tonnes of javascript (hey, that's what the blog is about ;) - I > > thought some of that (xbm image code) might have triggered it as it > > contains hex encoded strings etc. > > > > So i removed the potentially offending parts - and I thought that must > > have been it, as I wasn't bothered by stopbadware again. > > > > But today it has re-surfaced. The google message is : > > Of the 1 pages we tested on the site over the past 90 days, 1 page(s) > > resulted in malicious software being downloaded and installed without > > user consent. The last time Google visited this site was on > > 2008-11-10, and the last time suspicious content was found on this > > site was on 2008-11-10. > > Malicious software is hosted on 1 domain(s), including 202.75.35.0. > > > > I've been scouring over the html output and can't see anything > > weird... is there anyway of finding out a bit more information, so > > that I can try and stop this happening again? > > > > Thanks! > > Regards, Debbie ^v^ ^o^ //\o/\\ ^o^ ^v^ Webmaster - System Admin - IDSR Bookmark our new Blog/Journal featuring News, New Arrivals and special deals. http://nailgdsss-beautytech.blogspot.com/ [EMAIL PROTECTED] (AOL or AIM - NailGdsss, GTalk - wkdwich, MSN - [EMAIL PROTECTED]) WWWeb Services, Ronkonkoma, NY & Rocky Mount, VA 631-981-1273 fax 631-981-7557 ONLINE STORE http://www.beautytech.com/shoppe http://www.beautytech.com & http://www.beautytech.INFO for Professionals for Consumers --~--~---------~--~----~------------~-------~--~----~ You received this message through the Google Groups "stopbadware" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/stopbadware?hl=en -~----------~----~----~----~------~----~------~--~---
