Recently a new virus has come to light which has exceeded all expectations at the rate at which it is spreading. This blog post aims to provide:
- Information on the threat itself
- Info on how to clean your PC
- Info on how to clean your website
Information on the threat:
One aspect of gumblar’s existence is how it can use FTP details stored on your PC to upload malicious code to your web presence in order to spread itself further. Some FTP programs such as FileZilla apparently store passwords in plain text and as such can be exploited quite easily. The issue is not a server side issue.
Links with further information:
Information on cleaning your PC:
- http://www.malwarebytes.org/ (Referenced as being a good tool for identifying an infection)
Cleaning your website
- 1 – Change FTP password via Cpanel
- 2 – Do not store the FTP password in any profile etc
- 3 – Replace existing website with last known ‘good’ backup
- 4 – Change Cpanel / FTP password again via Cpanel
To avoid being re-infected we recommend running antivirus software such as AVG or Avast. We also recommend upgrading your browser to its most up to date version and running anti malware software such as that available from http://www.malwarebytes.org/. You may also want to ensure Google does not have your website listed here: http://stopbadware.org/home/reportsearch as a potential unsafe website. This can lead to issues with your search engine rankings.
Please note: External links are provided for your convenience and Letshost.ie cannot be responsible for the content / software etc on these sites.