I wouldn't have believed it if I didn't see it, but my movable type installation was hacked yesterday. Somehow, someone managed to insert an encoded script into my landing page that downloaded a nasty virus to anyone who visited my web page. I didn't save the script, but it was encoded javascript (virtually unreadable) and it downloaded a script from uniq-soft.com.
Anyone else get script injection attacks on their movabletype install? What can be done about it?
Full Version: My Movable Type Install Was Hacked! (uniq-soft Virus)
Hey, I came on here looking for a possible fix to this problem.
I've had it 3 times now...everytime I view my site, it starts downloading a trojan. This is definately a MT problem as I only need to re-upload my index page again and it goes.
This only started happening last week when I installed the 3.3 version!!!
Is there any fix to this??
I've had it 3 times now...everytime I view my site, it starts downloading a trojan. This is definately a MT problem as I only need to re-upload my index page again and it goes.
This only started happening last week when I installed the 3.3 version!!!
Is there any fix to this??
QUOTE (Clare @ Aug 23 2006, 10:42 AM) 
Hey, I came on here looking for a possible fix to this problem.
I've had it 3 times now...everytime I view my site, it starts downloading a trojan. This is definately a MT problem as I only need to re-upload my index page again and it goes.
This only started happening last week when I installed the 3.3 version!!!
Is there any fix to this??
I've had it 3 times now...everytime I view my site, it starts downloading a trojan. This is definately a MT problem as I only need to re-upload my index page again and it goes.
This only started happening last week when I installed the 3.3 version!!!
Is there any fix to this??
No fix yet, but rebuilding the entire site clears out any injected javascript code. I can't believe more people aren't having this problem...?
Possible cause could be that MT 3.3x sets permissions for the output files as 777. If you change them manually (via cPanel or whatever form of access you have), then add the following to your mt-config.cgi - and continue publishing - it should no longer occur.
DBUmask 0022
HTMLUmask 0022
UploadUmask 0022
DirUmask 0022
DBUmask 0022
HTMLUmask 0022
UploadUmask 0022
DirUmask 0022
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.