possible hijacked pages

  • Author
    Posts
  • #443911

    tmucci
    Member

    Recently, at the top of my blog pages are the words INCLUDE_DATA. When I view the source code I notice a javascript code inserted at line 861 beginning with “document.write(unescape( and a string of codes) followed by the words INCLUDE DATA. Also, when a page on my blog loads, a website is being accessed at the location 122.115.62.2.

    On other PC’s McAffee identifies the code on each page as a trojan call JS/Wonka

    I am not sure how to fix this problem. Does it meean I have to disable my blog and start from scratch?

    any help would be appreciated

    #444044

    tellyworth
    Staff

    Sorry but unless your blog is hosted at WordPress.com we can’t help. You didn’t say what its address is so we don’t know.

    If it’s a WordPress blog you host yourself, please go here:

    http://wordpress.org/support/

    http://ismyblogworking.com/ will often detect a hacked blog.

    #444195

    tmucci
    Member

    tellyworth…

    sorry about that… my site is hosted by WordPress at
    medianet-ny.com/wordpress/ [WARNING Harmful link broken do NOT visit the site the site will try to download malware on your computer -t3ck]

    I ran the program you mentioned and it seems to indicate my pages have been compromised without my knowledge —- and when I chck the source I see the problem which is how I reported above.

    If I can locate the code somehow, I will delete it…

    I will go to the link you gave me and reprot this again on the proper forum…

    Thanks for your help

    Tom

    #444206

    timethief
    Member

    @tmucci
    The very bottom of your blog states “powered by WordPress”. This indicates that you do NOT have a wordpress.com blog.

    You do have a web host. You are self hosting a wordpress.ORG software install and you are posting to the wrong forum. Please post to the correct forum here http://wordpress/org/support/

    The differences between wordpress.org and wordpress.com are found in the Please read me first sticky post at the head of this forum:
    https://en.forums.wordpress.com/topic/please-read-me-first-before-posting?replies=1

    #444267

    djlightsout
    Member

    Hey buddy, did you resolve this problem yet? I’m having the same issue :(

    #444304

    justjennifer
    Moderator

    djlightsout- If you have a problem with your self-hosted blog, you need to ask over at http://wordpress.org/support/ because we have no access to the working side of the program here and therefore can’t offer solutions.

    WordPress.COM or WordPress.ORG? The difference

    8 Things To Know Before Posting in WordPress.Com Forums

    If you are talking about your WordPress.COM blog, please give us the address, starting with http://

    #444336

    kenshi
    Member

    I got a temporary fix outlined here: [Potential Harmful link removed – t3ck]

    I found some malicious code in my header.php

    Still unsure how it got hacked

    #444340

    justjennifer
    Moderator

    @kenshi-hopefully you posted that in the ORG support forum, because this problem does not affect WordPress.COM blogs.

    #444460

    shrug
    Member

    Guys, yeah, this is all helpful and stuff but wordpress.com isn’t the same as wordpress.org. One is self-hosted and the other is not. My recommendation is to familiarize yourself with the difference between them.

    Here’s the relevant discussion on the proper forum: http://wordpress.org/support/topic/360972

    #444461

    timethief
    Member

    Here’s a detailed descritption of the differences between wordpress.com and wordpress.org http://en.support.wordpress.com/com-vs-org/ Please do NOT post to this thread unless you have a blog that’s free hosted by wordpress.COM

The topic ‘possible hijacked pages’ is closed to new replies.