Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] website probably compromised by virus

hadi hadi at
Tue Jan 29 14:23:21 PST 2013

Many thanks for posting. I'll spread this to my Syrian friends just to
be aware of this.

All the best,

On 01/29/2013 11:05 PM, KheOps wrote:
> Dear Libtech,
> We just saw that the website : is probably
> compromised. Every page of the website contains an iFrame which links to
> a .exe file which is detected as a virus by antivirus software:
> The fact that the HTML code is present at the bottom of each page makes
> me think that the "index.php" page has been changed in a way that makes
> that iFrame appear on every page of the website, after the dynamic
> It also probably means that the attackers have some kind of access to
> the server. My guess would be going to a PHP shell, but I'm no expert in
> this.
> Any help, clue, investigation, would be very welcome :)
> Thank you,
> KheOps
> --
> Unsubscribe, change to digest, or change password at:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list