2011-10-02, 02:20 PM
Hi,
Recently when i logged into my site's ACP, Avast blocked a URL with malicious link. On further inspection of the ACP page source, I found that a malware site's link is injected and this happens for all ACP pages.
- All the user (front) end pages are not affected by this issue.
- I checked the MyBB feature of checking changed files. 2 Files were changed (/inc/functions.php & /install/resources/upgrade20.php). The former only had edits i had made for a plug-in and the 2nd did not have anything suspicious.
- Finally, I checked the files with changed last modified date (not foolproof i guess but still...), and came up empty.
Some screenshots for reference :
[attachment=24300]
[attachment=24299]
URL : www.indiachatforum.net
Could anyone suggest how I can find out the source of the malware infection ?
Thanks !
Recently when i logged into my site's ACP, Avast blocked a URL with malicious link. On further inspection of the ACP page source, I found that a malware site's link is injected and this happens for all ACP pages.
- All the user (front) end pages are not affected by this issue.
- I checked the MyBB feature of checking changed files. 2 Files were changed (/inc/functions.php & /install/resources/upgrade20.php). The former only had edits i had made for a plug-in and the 2nd did not have anything suspicious.
- Finally, I checked the files with changed last modified date (not foolproof i guess but still...), and came up empty.
Some screenshots for reference :
[attachment=24300]
[attachment=24299]
URL : www.indiachatforum.net
Could anyone suggest how I can find out the source of the malware infection ?
Thanks !