Hello,
My Oscommerce 2.3.1 shop began having problems about a week ago (Google Chrome reported that site was hosting content from a known suspicious site). I could view an iframe when viewing the source code in my browser, but when downloading the files and looking for that iframe code – there is no iframe code there. I had my webhost do a scan for viruses and nothing was found, although he too could only see the iframe code in a browser but not on the actual files that are on my server.
Today, my AVG 2012 AV is now blocking a threat each time I click a link on my website – any product, the index, even the admin CP. The threat being blocked is “Exploit Blackhole Exploit Kit (type 2073)”. I searched Google and found some vague information about hackers adding a JavaScript and even database entries that load the iframe on the website, and spread to users who visit the site.
Is there anyone with any information on this? All the posts I can find online about this, instruct you how to clean the virus from your computer, but no one is talking about how to remove the virus from your website. I have a linux VPS if that helps.
Thank you.