Skip to main content
P
partTimeCrazy
Inspiring
November 28, 2013
Question

Arrgh! My sites are being hacked!

  • November 28, 2013
  • 2 replies
  • 1000 views

Some of our coldfusion sites are being redirected to a mulberry site when someone does a google search. Is there a way to prevent this? How are they doing it in the first place? It look like this code is being inserted into the index.cfm:

[ code removed - do NOT post the contents of hacked sites on this forum!! ]

This topic has been closed for replies.

2 replies

T
tribule
Legend
December 3, 2013

We have seen the "mulberry" attack too - it is a backdoor that is planted in various php and cfm templates, allowing the attacker to use your server to show adverts and do redirects etc.

Do you have PHP or WordPress installed on the same server?

P
partTimeCrazyAuthor
Inspiring
November 28, 2013

eh, code removed? How am I supposed to get help if people cant see what the problem is?!

D
duncancumming
Participating Frequently
November 28, 2013

Here's the link to your StackOverflow question which does have all the code:

http://stackoverflow.com/questions/20263712/aargh-coldfusion-sites-are-being-hacked

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices