WordPress.org

Support

Support » How-To and Troubleshooting » Google issuing warnings about WP site: "content from counter-wordpress.com"?

Google issuing warnings about WP site: "content from counter-wordpress.com"?

  • Anyone know if this is part of core code, or coming from a plugin?

    Warning: Something’s Not Right Here!
    <your WP site> contains content from counter-wordpress.com, a site known to distribute malware. Your computer might catch a virus if you visit this site.
    Google has found that malicious software may be installed onto your computer if you proceed. If you’ve visited this site in the past or you trust this site, it’s possible that it has just recently been compromised by a hacker. You should not proceed. Why not try again tomorrow or go somewhere else?
    We have already notified counter-wordpress.com that we found malware on the site. For more about the problems found on counter-wordpress.com, visit the Google Safe Browsing diagnostic page. (http://bit.ly/na8G5m)

Viewing 15 replies - 16 through 30 (of 57 total)
  • I get the same message. Someone have a fix?????

    There is a fix but it’s different for every install. These hackers got sneaky. If you have TimThumb installed in your theme, you might get this virus.

    Read this:

    http://wordpress.org/support/topic/iframe-hack-3

    @coolguygreg clear out the cache in Chrome after you have cleaned your WP install

    I have the same issue, sucuri indicates that my jquey file and another file are infected also when I downloaded my backups to windows my antivirus detected infections in 2 PHP files.

    Malware found on javascript file:
    http://****.com/wp-includes/js/jquery/jquery.js?ver=1.6.1

    Malware found on javascript file:
    http://*******.com/wp-includes/js/l10n.js?ver=20101110

    Backdoor:PHP/Merview.A
    \wp-admin\common.php->(SCRIPT0000)
    \wp-admin\js\config.php->(SCRIPT0000)

    Can also confirm that I have timthumb in my WPZOOM theme.

    Ipstenu said:

    Then you’re not cleaning it up right.

    Best way at this point would be to do this:
    1) backup EVERYTHING to your PC. Files and DB.

    2) DELETE the files on your server. Yeah. Don’t worry, your posts are on your database, we’re leaving that alone.

    3) Change your passwords fro SSH/FTP and SQL

    4) On your PC, review the following files:
    .htaccess
    wp-config.php

    They look okay? Good. Copy them back up to your server (remember to edit your wp-config.php with your new SQL password).

    5) Get FRESH and CLEAN downloads of WordPress, all your themes and plugins

    6) As soon as you get in, change your passwords.

    Could someone please email me too..I really need a walk-through to deal with this.

    Thanks!

    Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    and also change your ftp passwords. if they get into the server itself, it does not matter how secure WP is. they can get to your files like you can.

    Also moving this out of the multisite forum.

    @magzparmenter you can do it! Follow these instructions. It can be overwhelming but a fresh install later and clearing out your browser’s cache will be a huge help.

    http://wordpress.org/support/topic/iframe-hack-3?replies=42#post-2290168

    FOLLOW THAT LINK!!!

    I agree with Jorge, the best way to ensure your site is clean is to back everything up and start fresh and load everything back one at a time while testing to make sure what you are putting back works properly.

    I know this sounds awful, but I’ve never done anything like this before. How do I get a backup that won’t also be infected?

    @magzparmenter

    You download EVERYTHING (the new WP install and all your plugins) from WordPress.org and if you’re using premium themes, make sure they’re not running the TimThumb image resizing library.

    IF YOU DO RUN TimThumb, make sure your server (localhost) is the only domain that can write into your directories. You can do that by opening up /timthumb.php or /thumb.php in your theme and configuring not to allow remote access.

    EDIT: I have never used TimThumb for anything! WordPress has built in features and support to resize images and serve up image thumbnails on the fly. To me, it’s a lot easier to use the_post_thumbnail function. That’s just me though.

    TimThumb has been updated to fix the security hole, so you need to go into your theme directory and replace timthumb.php with the new one from here
    http://timthumb.googlecode.com/svn/trunk/timthumb.php

    More info:
    http://www.wpzoom.com/forum/viewtopic.php?f=21&t=5080

    OK, so sucuri now says my site is clean…but half of my images aren’t showing up!

    I stupidly deleted TimThumb and now I can’t get it back and not sure what to do…although, I have an Elegant Theme and they said they don’t use TimThumb anymore because of its known vulnerabilities (no kidding!!)

    Grrr….grrrr…..grrr….

    Hey troops,

    I got this off a Slider plugin but I still got an error message with:

    http://*******.com/wp-includes/js/l10n.js?ver=20101110

    Is it just the plugin that is knackered or something else?

    Just asked the server boys to rinse it out and hopefully that will work. The plugin incidentally is called ‘Easing Slider’ by Matt Ruddy.

    Anything else I need to do?

Viewing 15 replies - 16 through 30 (of 57 total)
  • The topic ‘Google issuing warnings about WP site: "content from counter-wordpress.com"?’ is closed to new replies.
Skip to toolbar