/    Sign up×
Community /Pin to ProfileBookmark

HTML.IFrame-10 exploit on website?

Copy linkTweet thisAlerts:
Feb 10.2008

Hi all,

Have had people reporting viruses on my website.. although I develop on Mac and have not seen any reports of these viruses.

I ran ClamXAV (Mac AV Scanner) on the FTP contents on my site and the report brought back 13 instances of ‘HTML.IFrame-10’ exploit. See below:

“/Volumes/****.net/public_html/wp-content/index.php: HTML.IFrame-10 FOUND
/Volumes/****.net/public_html/wp-content/cache/wp-cache-fddf38cd855dd7915a0e9634384ae8b0.html: HTML.IFrame-10 FOUND
/Volumes/****.net/public_html/wp-content/cache/wp-cache-f9ece22b5e4c1fca9539723ed71075c7.html: HTML.IFrame-10 FOUND
/Volumes/****.net/public_html/wp-content/cache/wp-cache-e6381570d488b98e8ccb48f6040fc161.html: HTML.IFrame-10 FOUND
/Volumes/****.net/public_html/wp-content/cache/wp-cache-d16e4e48945f27b592332edf1baebcd4.html: HTML.IFrame-10 FOUND
/Volumes/****.net/public_html/wp-content/cache/wp-cache-b86d326cae1609c8ac1ff0cb115de786.html: HTML.IFrame-10 FOUND
/Volumes/****.net/public_html/wp-content/cache/wp-cache-60a19eeb213d712e633ec8f127c96af2.html: HTML.IFrame-10 FOUND
/Volumes/*****.net/public_html/wp-content/cache/wp-cache-505ac9b342f0fa3cda83b46f7774a7cb.html: HTML.IFrame-10 FOUND
/Volumes/*****.net/public_html/wp-admin/index.php: HTML.IFrame-10 FOUND
/Volumes/*****.net/public_html/index.php: HTML.IFrame-10 FOUND
/Volumes/*****.net/public_html/eva/index.html: HTML.IFrame-10 FOUND
/Volumes/*****.net/public_html/ciara/index.html: HTML.IFrame-10 FOUND”

Any ideas what I could do to get rid of it as couldn’t find any solutions online?

Regards,

Brian

to post a comment
Full-stack Developer

2 Comments(s)

Copy linkTweet thisAlerts:
@ray326Feb 11.2008 — http://www.f-secure.com/v-descs/iframe.shtml

http://www.viruslist.com/en/viruses/encyclopedia?virusid=78107

Sounds like either your development system is infected or, more likely, your host system has been cracked. What is wp-content? Is this a WordPress site?
Copy linkTweet thisAlerts:
@basquilleauthorFeb 11.2008 — Sounds like either your development system is infected or, more likely, your host system has been cracked. What is wp-content? Is this a WordPress site?[/QUOTE]
Yes, it's a Wordpress site but i've got 3 subdomains (eva, kate, cian) all with the virus also.

Scanned my Mac and it found a couple of instances of the same virus in my Firefox cache, which I deleted. But unsure of what to actually do with the instances found on the site.

The hosting company I'm with have had patchy reviews - 3ix.org - but they seemed fine up until now. No chance it'd be their doing.. unlikely I'm sure.
×

Success!

Help @basquille spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.13,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...