Hacked, redirect on mobile devices

  • Author
    Posts
  • #3192032

    Hi,
    I’ve got a school blog site hosted by wordpress, it’s anderstonprimary.wordpress.com

    I tried to access from my phone and got a spam redirect (to something called cardross). I’ve changed the admin password, deleted some users that aren’t anything to do with the school, and done scan with both WebInspector and VirusTotal, neither of which could find any problems. I’ve read loads of ‘how to fix it’ posts but they all seem to refer to people who host their own wordpress sites and therefore can access the root folders – they indicate it’s malicious script in .htaccess but I don’t know how to look for this to fix it, given it’s a free site all handled through WordPress. If relevant, the theme I’m using is called Rowling.

    Help please!
    Thanks in advance,

    The blog I need help with is anderstonprimary.wordpress.com.

    #3192034

    torres126
    Member

    Hi there,

    I completely understand how frustrating this is, you’re most likely not hacked, but your the culprit is probably just a dodgy advert (it’s fine for me). I’ve tagged WordPress.com staff to help you with this issue and confirm if it’s the case.

    May I recommend taking a look at this thread: https://en.forums.wordpress.com/topic/potential-wordads-dangerous-redirect/

    Details such as a screenshot of the advert would almost certainly be appreciated, if you’re able to provide them.

    Thank you. :)

    #3192043

    Hi,
    Thanks for the info, here’s a screenshot of the page it redirects to.
    https://www.dropbox.com/s/hjbne3gnauklzu9/Screenshot_2018-10-07-11-40-16.png?dl=0

    This happens without any clicks from the homepage of the site. I’m using my own phone, on my home wireless. It’s replicated on multiple visits (all this morning). However I just tried from an ipad and it’s NOT replicated (but maybe cos of a different ad, I dunno?)

    #3192044

    torres126
    Member

    Thanks for that! If you get it again, could you please also post here the full URL of the website you’re redirected to?

    #3192083

    Here it is, I’ve put in the extra chars to stop it parsing as a link hopefully… Mmmmmmhttps://www.2365478.com/index/valid?jkhjkhetjkewhkjth=d48d181f77934e55ac36b6282580be28_2b7a2cb150ad6f6abe3b58889b4124a3_MTM4_MjQy_Mjcx_MA==_cHViaWQ9YW9sXzM2NTkzNyZzaWQ9YW5kZXJzdG9ucHJpbWFyeS53b3JkcHJlc3MuY29t_MjJfMjAxODEwMDcxODQw_aHR0cHM6Ly93d3cuMjM2NTQ3OC5jb20=_R0I=_MTUzODkwODgwNA==&mk1=&pubid=aol_365937&sid=anderstonprimary.wordpress.com&source=#

    #3192160

    I’m having the exact same problem with the same site redirect!

    #3192329

    telwyn
    Member

    I had the same issue reported on my blog also, a friend using an Android phone’s in-built browser saw this same sight at 23:59 BST (late last night). I can’t see the problem on my own iPhone this morning but then is this only affecting Androids?

    Site is gamingsf.wordpress.com and is functioning normal as far as I can see.

    #3192606

    kokkieh
    Staff

    Hi there,

    @parentcouncildaisy

    Can you please confirm that you’re seeing this on an Android device? What browser are you using and what type of browser?

    Can you also please visit http://supportdetails.net/ on your phone, and take a screen shot of that page for me? I specifically need your IP address. Upload that screen shot to your site’s media library at My Site ->Media Add where I can see it – please don’t post your IP here in the public forum.

    @toanothermagnet, please give your site’s address, device and browser details, and upload screen shots of both the ad and your IP address to your site’s media library.

    @telwyn, these are actually the first reports I’ve seen for Android phones – we have seen a few others for iPhones and are tracking the issue. Please also provide the information I requested above: the more info we can gather on this, the better our chances of finding the specific advertiser responsible for these ads so we can block them.

    #3192616

    Yes, an android phone, running Android 6.0, browser is Chrome.
    I tried again today, refreshing the page, and the spam ad did not appear. I also reloaded the page using mobile data instead of wifi and it did not appear.

    Do you need the IP address when I’m using my home wifi, where the problem first occurred? I’m on different wifi now so not sure if that will be any use?

    #3192781

    iapedus
    Member

    Hi, I have the same problem on my page, 10+ readers told me they were getting multiple un-closable pop up adds that made my blog unreadable.

    my page is https://languormanagement.wordpress.com/

    The issues seemed to be limited to iPhone users – I could see the pop ups on my phone, but not when viewing thru the pad or PC.

    #3192816

    supernovia
    Staff

    Thanks folks. This should be resolved now, but if not, please let us know right away. These details will help:

    – A screenshot
    – the exact URL you were visiting
    – the time (which is typically in the screenshot)
    – the IP address for the device (you can use whatismyip.com)

    Thank you in advance!

    #3193010

    Thanks, I’ll keep an eye on it.

The topic ‘Hacked, redirect on mobile devices’ is closed to new replies.