You may have noticed over the last week or so a rather annoying little denomination on nearly all my blogs or websites. As you attempted to load the index page, it would load very slowly, and show “m-gallery.org” in the status bar, as if the page was being redirected away from the blog or website to m-gallery.org. Eventually, the page would time out, you’d end up with a blank page, or your browser would crash.
This code was the culprit:
[html][/html]
Somehow, a hacker managed to access 3,500 FTP accounts on Dreamhost servers (including mine), and editing index.* pages to include the above code. When this started happening with the websites on my server, I googled “m-gallery.org”, which only found 3 results, none of which made sense. Now, there are 76 results, which illustrates how the problem spread quickly.
There’s a good summary of the whole shebang here that explains how the hack worked.
If you’ve been infected as a result of accessing one of my blogs or websites, then I do apologise. You will be pleased to know that I *think* I have now managed to obliterate this nasty little bastard from my server. If you spot it anywhere, give us a shout.
Oh, I suppose I should tell you how to get rid of it if you’ve been infected. Basically, if you’re running a WordPress installation you just need to replace the index.php in the root of the installation, wp-admin and in the theme folder that you’re using with either a fresh copy or a copy that you may have backed up on your system. If it’s a simple website with HTML pages, just replace index.html with a copy you may have backed up on your system.
Any chance that what was wrong with my machine yesterday? Yesterday I had to restore it to an earlier time (picked 2 weeks ago!), as it really was being awkward. Sigh.
Not sure; to be honest, I wasn’t aware that it was affecting PC systems – just websites and browsers.
This “feature” doesn’t affect computers – so that counts out Rob for blaming.
But you’re using Windows, so really, that’s just a “feature” of Windows actually – suffers from what I call OS Rot – it just goes crappy over time and often I know of people that reinstall everything on Windows every 6 months due to that.
Time to switch different web hosting provider. Sheesh!
I would agree with you happy@aol.com, but I’m not sure it was only dreamhost that was affected. Plus, you get what you pay for. Dreamhost is cheap, therefore you have to expect a less than perfect service. Mind you, I still think its service is better than my last hosting provider, flexihostings.
@Rob
I have updated WordPress without problems thanks for the reminder Rob .. been meaning to do this.
@Alison,
Failure is not an option. It comes bundled with your Microsoft product.