Sign in to follow this  
Bleck

zirconstudios.com malware message

Recommended Posts

Google Chrome has stopped me twice from accessing OCR pages because it's connected to a 'known malware distributor', zirconstudios.com.

zircon, maybe take a look around at this? If anyone else had or has this happen to them, post here about it.

Share this post


Link to post
Share on other sites

I've gotten this a few times as well. I'm also using Google Chrome.

I'm sure zircon knows how to deal with this, but I'll just add that I had this happen to my site. The .htaccess file had a bunch of redirects to malware sites added to it. Deleting the file causes the server to make a new one that is clean.

Share this post


Link to post
Share on other sites

I saw something in it the other day, but I know his site has been hacked/attacked before and I thought Google still thought it was doing that or something.

Share this post


Link to post
Share on other sites

FireFox does the same thing, but only if I try to go directly to zirconstudios.com.

OCR is fine.

Share this post


Link to post
Share on other sites

Really really sorry about this, guys. It's been a giant thorn in my side for weeks now. What happened was that MONTHS ago, a single plugin I was using to resize thumbnails had an exploit that some asshole used to put malicious PHP on my site. I immediately fixed the exploit and deleted all the PHP, or at least I thought I did. The problem was that each PHP file had its own backdoor, so the same hacker(s) could keep going in and putting more redirecting crap all over.

Since my webhost (Lunarpage) was useless in helping me with this, a week ago I completely changed hosts, reinstalled everything from scratch and completely cleaned everything out to make sure that not a single file from the old site made it on to the new one without being thoroughly checked. So, there's no way any of the old malware made it on, since everything on zirconmusic.com now is fresh + reinstalled from remote servers or my computer, not simply copied over from the infected site. I submitted the domain, along with zirconstudios.com (which is just a redirct) to Google to be removed from the blacklist. Hopefully they'll do that ASAP.

tl;dr - There isn't any malware on my site now, and as soon as Google reviews my request to have it rechecked, the warning message will disappear. I'm really, really sorry for the inconvenience. Moral of the story - update your plugins :-(

Share this post


Link to post
Share on other sites
What happened was that MONTHS ago, a single plugin I was using to resize thumbnails had an exploit that some asshole used to put malicious PHP on my site.

Let me guess, timthumb? That plugin is notoriously insecure. Best to use a different plugin or the completely rewritten version.

Also, I've built/managed a number of wordpress sites in the past so I know a thing or two about it. If you need any help on things like this, feel free to ask.

Share this post


Link to post
Share on other sites

I'm guessing Google reviewed your request? When the message was appearing, it was always when entering a page zirc posted on. Since I can enter this thread safely, I'm guessing the issue has been resolved.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this