Round my mums today and her friend was over for a cup of tea. My mum called me in as her friend was having some trouble with her computer.
I'll try and keep this short. The problem is that she has had a virus on her computer on and off for a year, except the odd bit is the computers been formatted a few times as the final big fix, as well as her plumping up for a new router as advised (and probably charged for installation) by the computer repair people. Anyway she explains to me that today she thinks she's infected again as when she visits her business website she's noticed her browser trying to get to http://henn****.** (I've partially starred out the link as it's a malware page). Now bare in mind she's noticed this redirect before and always assumed she's been infected when she's noticed it in the past. So I had a quick look at her web page and notice a bit of javascript pointing to the above page. I have look at the personal page of the guy who designed the site for her, and what do you know the same bit of javascript is hidden on there.
So to me it looks like someone has managed to get access to the space he's used for her site and his personal one, and insert this bit of code into both index pages. I doubt it's anything sinister from the guy himself as I've seen this sort of thing happen before where the hosting gets compromised, I just find it ridiculous that over the course of the last year no one noticed this, yet I find it in 5 mins. I'm not blowing my own horn here, it just wasn't difficult to find this bit of rogue code.
I'd be fuming if I was my mums friend as it's nothing she's done wrong in the slightest, yet she's ended up paying an arm and a leg for it. I haven't asked but I can't believe she hadn't mentioned it to this hosting guy at some stage over the last year, I mean because she pays him for a service surely he'd owe it to her to at least check his source code. I mean I know if I was just doing it as a favour I might shrug it off and say nah it can't be the source code, but to be actually running a business is a whole different story surely?
/rant
I'll try and keep this short. The problem is that she has had a virus on her computer on and off for a year, except the odd bit is the computers been formatted a few times as the final big fix, as well as her plumping up for a new router as advised (and probably charged for installation) by the computer repair people. Anyway she explains to me that today she thinks she's infected again as when she visits her business website she's noticed her browser trying to get to http://henn****.** (I've partially starred out the link as it's a malware page). Now bare in mind she's noticed this redirect before and always assumed she's been infected when she's noticed it in the past. So I had a quick look at her web page and notice a bit of javascript pointing to the above page. I have look at the personal page of the guy who designed the site for her, and what do you know the same bit of javascript is hidden on there.
So to me it looks like someone has managed to get access to the space he's used for her site and his personal one, and insert this bit of code into both index pages. I doubt it's anything sinister from the guy himself as I've seen this sort of thing happen before where the hosting gets compromised, I just find it ridiculous that over the course of the last year no one noticed this, yet I find it in 5 mins. I'm not blowing my own horn here, it just wasn't difficult to find this bit of rogue code.
I'd be fuming if I was my mums friend as it's nothing she's done wrong in the slightest, yet she's ended up paying an arm and a leg for it. I haven't asked but I can't believe she hadn't mentioned it to this hosting guy at some stage over the last year, I mean because she pays him for a service surely he'd owe it to her to at least check his source code. I mean I know if I was just doing it as a favour I might shrug it off and say nah it can't be the source code, but to be actually running a business is a whole different story surely?
/rant
Last edited:
hahaha
