www.webdeveloper.com
Results 1 to 4 of 4

Thread: Dealing with a trojan on a site

  1. #1
    Join Date
    May 2013
    Posts
    2

    Dealing with a trojan on a site

    Hi

    First up, I am very new to web development, so if you dislike dumb questions this probably isn't the thread for you. Hopefully this is the right forum, apologies if not.

    I've put together a couple of basic sites before, but I'm really at self-taught barely-above-beginer-level, so any help would be gratefully received. I'm looking at rebuilding a site for a local not-for-profit group. We're planning to put up a Wordpress site, but before even getting started we've found that the existing site has a trojan.

    It's called JS/IFrame.gen.j, and intermittently forces the site to redirect to another URL.
    (http://www.mcafee.com/threat-intelli...spx?id=1515751)
    I gather it exploits an iframe vulnerability, but that's about as far as my understanding goes.

    So...not sure what to do about it. The hosting company have been less than helpful, their virus scanner doesn't detect it, and they just said "correct the code not to use the iframe". I wouldn't even know how to go about finding it, let alone removing/correcting it.

    A few things I'm wondering...
    • Should the hosting company be more helpful here e.g. identifying the infected file
    • How would I go about finding & dealing with the trojan?
    • How would it likely have got onto the site in the first place?


    Thanks for any help

    Alex

  2. #2
    Join Date
    May 2005
    Location
    Gold Coast (MS)
    Posts
    2,198
    Videos of how to remove js/iframe.gen.j

    See: Virus Profile: JS/IFrame.gen.j

    Exploit:HTML/IframeRef.DM
    Aliases: Trojan.IFrame (Ikarus) , JS/IFrame.gen.j (McAfee) , Troj/Iframe-JG (Sophos)
    Description: Exploit:HTML/IFrameRef.DM is a specially-formed iFrame tag that points to remote websites containing malicious content.
    Published Date: Mar 21, 2013
    Alert level: Severe

    Additionally:

    Exploit:HTML/IframeRef.DM

    Encyclopedia entry
    Updated: Mar 21, 2013 | Published: Jan 06, 2013

    Aliases

    IFrame.gen (Command)
    Iframe.UW (Norman)
    Virus found HTML/Framer (AVG)
    JS/iFrame.bzw.5 (Avira)
    Trojan.Iframe.BZW (BitDefender)
    JS/Iframe.HH trojan (ESET)
    Trojan.IFrame (Ikarus)
    JS/IFrame.gen.j (McAfee)
    Troj/Iframe-JG (Sophos)

    Alert Level Severe

    Latest Definitions
    Last edited by Major Payne; 06-02-2013 at 06:30 AM.

  3. #3
    Join Date
    May 2013
    Posts
    2
    Thanks, I'll check that out

  4. #4
    Join Date
    May 2005
    Location
    Gold Coast (MS)
    Posts
    2,198
    You're welcome. Let me know how it comes out.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles