Author |
Topic |
|
conkasvp
Starting Member
Spain
1 Posts |
Posted - February 06 2008 : 00:36:12
|
Avast reports that our VPASP Site is infected with a worm which I believe to be caused by a Script infection which relates to b.njnk.net/E/J.JS. When I searched on Google I found a large number of references to its existence in VPASP Shops and one reference to the VPASP Forums. I have searched through the VPASP Forums for this reference without success.
Please can someone explain what has happened and point me in a direction to resolve it.
Mark Richards Conkas |
|
support
Administrator
4679 Posts |
Posted - February 06 2008 : 00:42:23
|
Hi Mark,
You need to ensure you have all of the patches applied to your site to block access.
There is a tool available from BYZ which you can use to check your tables to see where the script has been entered.
http://www.bigyellowzone.com/shopexd.asp?id=146
We now have a tool which we will be making available shortly that will strip the script references from compromised fields in your database.
If you post a ticket in our help desk with a request for the data scrubber we will forward to you. https://www.vpasp.com/virtprog/helpdesk/
The best way to avoid this in the first place is to apply all of the patches listed for your version on our web site at: http://www.vpasp.com/virtprog/info/faq_security.htm
Thanks Cam
Vp-ASP Support |
|
|
MoreToIt
Starting Member
7 Posts |
Posted - February 07 2008 : 04:09:17
|
Hi, just been checking the forums, as for the past couple of days I've noticed my site has had some malicious software infections. I've tracked this down to the same b.njnk.net/E/J.JS mentioned in this topic, and when I googled for it, it seems a number of other sites based on vp-asp have had the same issue. Therefore, I'm just about to run the tool from BYZ but have also requested a ticket for the data scrubber. I'll let you know how it goes.
John Cudley |
|
|
Steve2507
VP-CART Expert
590 Posts |
Posted - February 16 2008 : 17:26:27
|
Been away for a while (busy Christmas followed by wife going on maternity leave - there is only the two of us in the business - then Son born), but back now and found out about this on Thursday. all fixed now, but the ay we were hacked was wierd.
Only a few products had the code in them (the cdescription). These products had all been uploaded about 3 weeks ago and nothing else was infected. It just seemed strange that only a few prods were caught, not the entire range.
Any ideas?
Steve www.temptationsdirect.co.uk |
|
|
support
Administrator
4679 Posts |
Posted - February 16 2008 : 23:47:30
|
Hi Steve,
Sorry to hear you were hit and congratulations on your new addition! Lots of fun times ahead.
Can you please move this to our online helpdesk so we can assist directly.
Thanks Cam
VP-ASP Support
|
|
|
|
Topic |
|