Malware on my website in codes

[wasabisashimi]

Hi guys,
I just randomly came across this today.
A few companies has injected malware code inside my webpages.
I can't see them on regular pages, but if I do Ctrl+U in firefox.
I can see 2-3 unwanted codes what has nothing to do with my business and i dont know how it got there in the first place.

These codes include things like viagra, morgage..etc and some complete with an external link.

Is there an explanation to this, and how can I scan my wordpress site to find out what else is there as well as clean-removal of them. I read that each of these shit malware on my pages count as a minus point in my search engine ranking.

I have no training in website making or coding. All I was trying to do was putting in proper meta tags and description.

[ecchiecchi]

website link?

[wasabisashimi]

Someone suggested me to pay $89.99 to sucuri to get it cleaned up. Have anyone experienced this?

[wasabisashimi]

Quote:

Originally Posted by ecchiecchi

website link?

<div id='hideMeya'> They cover the debt company wasting time it applicant <a href="http://www10154.40cialis10.com/" title="cialis discount">cialis discount</a> comes the principal on payday. Others will only way of fraud or wwwwcialiscom.com <a href="http://www10560.50levitra10.com/" title="new ed treatments">new ed treatments</a> less and time consuming. Finding a number of run a late viagra online without prescription <a href="http://www10450.a1viagra10.com/" title="impotence cure">impotence cure</a> fees from minors or. Treat them several visits appliance failures and energy cheap viagra <a href="http://www10075.60viagra10.com/" title="viagra online generic">viagra online generic</a> by how we strive for this. Called an online chat and use of between traditional Erectile Dysfunction Treatment | LEVITRA <a href="http://www10675.b2viagra10.com/" title="viagra pills">viagra pills</a> lenders have given by having cash available? But the potential needs so long waits for with you wwwwcialiscom.com <a href="http://www10462.70cialis10.com/" title="generic cialis 10mg">generic cialis 10mg</a> been praised as verification you personal properties. Sell your debts off their customers regardless of taking viagra <a href="http://www10300.c3viagra10.com/" title="erectile dysfunction tablets">erectile dysfunction tablets</a> a need the fax copies of investors. Without this leaves hardly any funds should levitra <a href="http://viagrapharmacyau.com/" title="viagra side effects">viagra side effects</a> not payday quick process! After providing you let our simple you viagra <a href="http://buy1viagra.com" title="viagra">viagra</a> ever being financially responsible. The information over until any required verification requirements you earn ED Treatment | VIAGRA® (sildenafil citrate) Safety Info <a href="http://www10600.20viagra10.com/" title="cheapest viagra">cheapest viagra</a> a victim of around to anyone cash. Online payday to excessive funds that consumers take Buy Cialis Without Prescription - Online Canadian Pharmacy <a href="http://www10000.30viagra10.com/" title="viagra">viagra</a> all time money quickly rack up. Applying for payday loansone of cash needs and be actually <a href="http://levitrafromau.com/" title="http://levitrafromau.com/">http://levitrafromau.com/</a> chosen by dealing in processing and paystubs. Typically ideal using a small your broken down you cialis <a href="http://www10225.30viagra10.com/" title="pfizer viagra online">pfizer viagra online</a> know emergencies occur or looking for disaster. Our short questions which lender a signed copy of cheap viagra without prescription <a href="http://www10450.90viagra10.com/" title="viagra super force">viagra super force</a> economic times throughout the risk lenders. Filling out the impulsive nature of economy in georgia viagra online without prescription <a href="http://www10350.10levitra10.com/" title="impotence">impotence</a> can cause the loss of funds fees. Perhaps the paycheck means never need and go wrong ED Treatment | VIAGRA® (sildenafil citrate) Safety Info <a href="http://www10150.90viagra10.com/" title="erectile dysfunction help">erectile dysfunction help</a> with online loan which they wish. Impossible to turn away from finding a can cialis for high blood preasur <a href="http://www10075.c3viagra10.com/" title="viagra from india">viagra from india</a> debt companies who apply. One common in via a chapter is in monthly levitra online <a href="http://www10600.60viagra10.com/" title="generic viagra canada">generic viagra canada</a> social security against you work is needed. Borrowers applying because a convenience of will answer viagra no prescription <a href="http://www10000.a1viagra10.com/" title="viagra 100mg price">viagra 100mg price</a> your salary high interest penalties. Seeking a regular expenses paid by an immediate online levitra viagra vs <a href="http://viagra7au.com/" title="http://viagra7au.com/">http://viagra7au.com/</a> that day have waited online lender. After the requirements which must visit the freedom you levitra <a href="http://www10225.20viagra10.com/" title="viagra.com coupon">viagra.com coupon</a> decide to military may help every week. Within minutes your top priority with other options before paperwork levitra <a href="http://www10693.40cialis10.com/" title="causes of impotence">causes of impotence</a> and only benefit that cash they need. Fast online does mean it has discount viagra <a href="http://www10525.b2viagra10.com/" title="womens viagra pill">womens viagra pill</a> to forward the month. Our bad and long period this information you extended Order Cialis from a Certified Pharmacy <a href="http://www10225.c3viagra10.com/" title="viagra wiki">viagra wiki</a> time even their apartments their loan. Visit our customers a quick and viagra kaufen <a href="http://www10675.20viagra10.com/" title="safe viagra online">safe viagra online</a> hour you got right? Third borrowers must accept however we automatically debit payday loans <a href="http://www10420.10levitra10.com/" title="levitra mail order">levitra mail order</a> your medical bills without the clock. There really need when working telephone number to organize a www.cashadvance.com <a href="http://www10075.20viagra10.com/" title="effect of viagra">effect of viagra</a> concerted effort to men and we do. Be at how you additional charges are listed levitra compared to cialis <a href="http://www10000.b2viagra10.com/" title="viagra generic online">viagra generic online</a> on day online saving the crisis. Generally we manage our five years or deny someone donette <a href="http://www10450.60viagra10.com/" title="levitra viagra cialis">levitra viagra cialis</a> tries to spend some money term loan? After one lump sum or submit their levitra 10 mg order <a href="http://levitra-3online.com" title="levitra 10 mg order">levitra 10 mg order</a> scores even custom loans. </div><script type='text/javascript'>if(document.getElementById('hideMeya') != null){document.getElementById('hideMeya').style.vi sibility = 'hidden';document.getElementById('hideMeya').style .display = 'none';}</script> </p>
<p><strong></strong>A night light or a clock radio is enough stimulation to shut down our melatonin production at night.<br />

[Presto]

The malware may not be part of your site. Malware could be on your client computer, and inject itself into any webpage you view. What's the URL to your site?

[mos_skeeto]

is it running wordpress? i cleaned one up a while back...

code was inserted because it wasn't being maintained with updates.

post the link to the site. everyone here can look up the source code manually.

[wasabisashimi]

Thanks for all the input, I got it cleaned up last night. The Source code was posted earlier above (the part that was foreign and injected into my site). I dont know how these codes got in to the site. I checked from multiple computeres at work and home. It showed the same nasty code, so it must not have been the individual computer issue.

Funny thing is that these codes and its brand such as viagra , cialis..etc are regularly found in the spam folder of our web host Email .

[CCA-Dave]

Quote:

Originally Posted by wasabisashimi

Someone suggested me to pay $89.99 to sucuri to get it cleaned up. Have anyone experienced this?

I've been using securi to keep our site clean after it ended up with malware. Totally worth the $90/year if you aren't someone who likes debugging websites.

-Dave

[Snowden]

Quote:

Originally Posted by wasabisashimi

Thanks for all the input, I got it cleaned up last night. The Source code was posted earlier above (the part that was foreign and injected into my site). I dont know how these codes got in to the site. I checked from multiple computeres at work and home. It showed the same nasty code, so it must not have been the individual computer issue.

Funny thing is that these codes and its brand such as viagra , cialis..etc are regularly found in the spam folder of our web host Email .

Well then, how will you prevent it from happening again?

[wasabisashimi]

Quote:

Originally Posted by Snowden

Well then, how will you prevent it from happening again?

I have no idea.

[ForbiddenX]

Keep your wordpress files up to date all the time. Backdoors and injections like this are usually exploited on older versions where they still exist.

It's a pretty steep precaution but you can change your cpanel/database/wordpress passwords. Change them to something that is not randomly generated because if they have the algorithm to generate the password they can brute force it in (I believe it's common for cpanel logins).

This injection causes search engines to index your site with those phrases that are hidden. If you search those terms your site is going to end up on google. Usually the case if you have a decent amount of traffic.

Might take a while to get off it if you've been indexed already. Not too sure how long it actually lasts. It's more to get your site to appear in search terms than anything.

[wasabisashimi]

Quote:

Originally Posted by ForbiddenX

Keep your wordpress files up to date all the time. Backdoors and injections like this are usually exploited on older versions where they still exist.

It's a pretty steep precaution but you can change your cpanel/database/wordpress passwords. Change them to something that is not randomly generated because if they have the algorithm to generate the password they can brute force it in (I believe it's common for cpanel logins).

This injection causes search engines to index your site with those phrases that are hidden. If you search those terms your site is going to end up on google. Usually the case if you have a decent amount of traffic.

Might take a while to get off it if you've been indexed already. Not too sure how long it actually lasts. It's more to get your site to appear in search terms than anything.

Does it effect my site's ranking in Google? or other search engines because it had this malware code in it.

[ForbiddenX]

Quote:

Originally Posted by wasabisashimi

Does it effect my site's ranking in Google? or other search engines because it had this malware code in it.

Yes it'll get ranked higher for those search terms