• 0

Was my website hacked?

Asked by kjx,

 Share

Question

Experienced

kjx

Posted
Posted

A friend of a friend got an alert from avg when they tried to access a page on my site (I've not yet found out if it's there on every page but here's what AVG told them):

http://twitpic.com/19h0kd/full

The link to the page in question is: http://www.koshyjohn.com/life/index.html

It's an empty page with just a header and footer, and a link to the external addthis javascript file (worth investigating? I've seen a lot of big sites use this and that's the only basis for my trust).

I looked at the source code of the page in question on my machine and neither did NIS2010 alert me, nor did I find any url as shown in that image in the source of that page.

My webhosting passwords are secure (alpha-numeric, punctuation, longish, the works), but I'll probably change them anyway.

First of all, is this a false positive? If so, what is causing it? If not, how should I go about fixing the problem (a sketchy outline would be enough, I can work out the rest or ask if I have a question)?

(I did a quick check of the file against my secure local copy and they are identical)

Link to comment
https://www.neowin.net/forum/topic/884822-was-my-website-hacked/
Share on other sites

11 answers to this question

Recommended Posts

  • 0
Experienced

kjx

Posted
  • Author
Posted

The alert details the URL in question, although not your site per se, it *could* be an external call to this location from your site.

Are you sure it's not the other tab which appears to be still loading?

Yeah, I've considered that.. The only things external to my site are addthis (which powers the toolbar) and amazingcounters which powers the page counters. To the best of my knowledge, they are fairly big, used by a lot of reputable sites (particularly addthis) and if they were compromised in some way, more people would know about it.

I only have that image to work with, so I'm going to guess that it is my page being referred to unless AVG is just sloppy about how it reports things. I get at least 2000 hits to the site daily so if there was a problem, I would have heard from more people about it I guess.

And seeing that the peron is on Windows XP and using AVG, I wouldn't be surprised if their system was the compromised one - maybe a malicious add-on to firefox perhaps?

  • 0
Contributor

unintentional

Posted
Posted

My AV didn't pull up, so your site seems to be clean. AVG has been known to generate false-positives in the past, so I would tell your friend to switch to Avira, Avast!, Security Essentials, or something else. It's also possible it's the site loading in the first tab...

  • 0
Grand Master

cork1958

Posted
Posted

Nothing showing up here using Avira AV.

When I tried to save your page to file though, got SEVERAL errors saying stuff couldn't be read.

Here's one of the errors:

C:\Tunes\index_files\lg-share-en.gif could not be saved, because the source file could not be read.

Try again later, or contact the server administrator.

Also,

There is absolutely nothing showing up in the body of the page, but that's probably due to adblockplus? Is that site one big advertisement or something?

I'm using the Seamonkey web browser on XP Pro, fwiw.

  • 0
Veteran

Farchord

Posted
Posted

There's nothing malicious on your site. There's the addthis referrer to post your site on social networking sites and an amazingcounter thingy which I guess is just a simple visit counter. But there's nothing malicious here.

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft announces 12th-gen Surface Pro with Snapdragon X2 processors

      By monterxz · Posted

      We can all thank "AI" for that.
    • Microsoft announces 12th-gen Surface Pro with Snapdragon X2 processors

      By monterxz · Posted

      And none of them have a "notchless" 3:2 OLED screen, for which I was always willing to pay more.
    • Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models

      By neufuse · Posted

      Remember when the PS2 was banned from export because "its too high tech".. "it could be used for missiles".....
    • Nvidia 610.62 driver lands with big bug fixes and Empulse support

      By LoneWolfSL · Posted

      Nvidia 610.62 driver lands with big bug fixes and Empulse support by Pulasthi Ariyasinghe There is a new driver available for Nvidia GeForce hardware owners, and it's carrying a whole lot of bug fixes. The WHQL-certified 610.62 Game Ready driver is also adding support for Empulse. Empulse lands from 1047 Games. That may be familiar to first-person shooter fans, as this is the studio that has been behind Splitgate and the Splitgate: Arena Reloaded sequel. This latest FPS entry will land into early access on June 24, and it will have support for DLSS 4.5 with dynamic multi-frame generation and Nvidia Reflex on day one. FIXED World of Warcraft: Gaming stability improvements [5563205] FIXED Apex Legends: Occasional visual corruption after extended gameplay [6239327] FIXED Users may observe DLSS settings being grayed out in certain games after updating to display driver 610.47 [6262805] FIXED Improved gaming stability in multi-monitor configurations when using V-SYNC with DLSS Frame Generation [6158481] FIXED Resolved an issue that could cause jittering or ghosting in some DirectX 11 games when Smooth Motion is enabled [5937897] FIXED Resolved an issue that could cause some games to crash when launched with Smooth Motion enabled [5466398] FIXED [Ada] Resolves a frame pacing issue on certain monitors when G-SYNC is enabled [6226972] FIXED Resolved an issue that prevented the EDID from being read on certain monitors causing them to be identified as "NVIDIA NV-Failsafe” [6005508] FIXED Resolved an issue where certain monitors would not wake from sleep mode [5806798/5635230] FIXED General stability improvements when the system fails to create a new allocation [5449920] Nvidia has only listed a single open issue for this release: “Prefer Maximum Performance” Power Management Mode may not be applied correctly [6007998] The NVIDIA 610.62 driver is now available for download from the NVIDIA app. For those who want to download it directly, standalone links are here. Here are the official release notes (PDF).
    • Meet the browser: Firefox Next

      By _neutrino · Posted

      You could do that in the last 2 updates as well.

  • Recent Achievements

    • One Year In
      Console General earned a badge
      One Year In
    • One Year In
      Twozo Technologies earned a badge
      One Year In
    • One Month Later
      Twozo Technologies earned a badge
      One Month Later
    • Week One Done
      Twozo Technologies earned a badge
      Week One Done
    • Veteran
      branfont went up a rank
      Veteran

  • Popular Contributors

    1. 1
      +primortal
      510
    2. 2
      +Edouard
      190
    3. 3
      PsYcHoKiLLa
      109
    4. 4
      Steven P.
      89
    5. 5
      Nick H.
      68
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!