fsps Posted July 23, 2013 Posted July 23, 2013 Heliohost username: fldstnServer: stevieMain domain: fsdemo.heliohost.org Suspended for inactivity, surely. The service works so wonderfully, I don't have to log in to change much! Sorry, and thanks for your help.
Byron Posted July 23, 2013 Posted July 23, 2013 It says suspended for: Malware. 1 file(s). HTML.Exploit.CVE_2013_0026 What can you tell me about this file?
fsps Posted July 23, 2013 Author Posted July 23, 2013 Holy cow, I've never seen that file. What does that file do? How could it have gotten in my account?? Are there some security holes I need to fix?
Byron Posted July 23, 2013 Posted July 23, 2013 Well if you didn't put it there than you might want to change your password. I've unsuspended your account. Please delete that file.
Byron Posted July 23, 2013 Posted July 23, 2013 Your account has been manually unsuspended. If you still see the suspended page then you should try clearing your browsers cache. -- Please spare a few minutes to take our brief survey: http://feedback.heliohost.org/ Your participation in this survey is greatly appreciated.
fsps Posted July 23, 2013 Author Posted July 23, 2013 Thank you for unsuspending my account. I ran a search in the File Manager to find and delete that file, but it came back with "No records found". I started at the home directory (/home/fldstn) and selected the search for "All Your Files". Where is this thing?
Byron Posted July 23, 2013 Posted July 23, 2013 I'm not the admin. who suspended the account so I don't know. I'll escalate this so Krydos can respond.
Byron Posted July 23, 2013 Posted July 23, 2013 This support request is being escalated to our root admin.
Krydos Posted July 23, 2013 Posted July 23, 2013 @byron, to save time you can just use the multimod labeled "Malware Found", and copy paste the "Malware. 1 file(s). HTML.Exploit.CVE_2013_0026" part into the blank provided. @fsps, your account is showing up as clean now. Thank you for taking care of this.
Byron Posted July 23, 2013 Posted July 23, 2013 Okay thanks Krydos. It's been awhile since I've posted regular and I didn't realize that had been added to the multimod.
fsps Posted July 23, 2013 Author Posted July 23, 2013 Okay, thanks guys. Is there anything I can do to prevent something like this getting on my account again??
Ice IT Support Posted July 23, 2013 Posted July 23, 2013 As Byron suggested earlier, you should probably change your password. Make sure any Wordpress installations are up-to-date and any plugins come from legitimate sources and are also up-to-date. This applies to any web software. These two issues are the biggest cause of unauthorized account access on HelioHost.
Recommended Posts