0x0 iframe

[mcuk2000]

Basically yesterday I visited one of my "creations" and instead of my site it appeared the firefox "Reported Attack Site" black page.

I checked my site and I found in the index, right under the <body> tag an invisible iframe 0x0 with a link to some .cn redirect.

WTF!!???:angryfire:

How did they gain access to my ftp and inserted the script?
What was the main purpose of the script? I am using a mac, can it be the reason why nothing (apparently) happened?
What shall I do to secure my site and prevent these hacks?

 

[hyperion]

MASTURBATE!

check permissions bitch and google it

 

[radarig]

Is your password brute-able? Are you running some sort of backend that could have been hijacked?

As to the purpose, what is on the .cn redirect?

And as hyperion said, check your file permissions.

 

[mcuk2000]

this is the redirect:

http://businessnameshop.cn/in/

 

[radarig]

Translated version of http://bloodybart.livejournal.com/

All I can find on that link is other people with the same problem. This guy (russian, obviously) made a blog post about it, and the best I can get out of the crap translation is that he got infected with a trojan that stole his FTP password.

 

[Jon]

Calm down with that midget porn downloading spree.. Then you wouldn't get fucked by things like this!

 

[Stanley]

It seems to me you already know the answer to all these questions, but you chose to ask them anyway.

 

[mcuk2000]

Jon> can you add " NOT CLICK SPYWARE " or something like that next to the link I posted before?

I checked the other sites hosted on the same IP/ftp but none had the html modificated. Is this shit working on macs as well?

 

[jryan21]

Jon> can you add " NOT CLICK SPYWARE " or something like that next to the link I posted before?

I checked the other sites hosted on the same IP/ftp but none had the html modificated. Is this shit working on macs as well?

Was your password for root 'password'?