Loading Profile...
My website URL is being redirected to Metamark
How is traffic to my website being directed to metamark, and why does it say spam has been reported from my website so my website has been shut down? Before 5 minutes ago I never heard of metamark. When I type the URL for my site www.columbusfoodnadwine.com, I see it on the screen for about 2 seconds then the page is redirected to Metamark (http://xrl.us/kk3w6) with a message that says tthe URL has been reported in spam.
How could my URL get redirected to Metamark? Before today I have never been to the site.
How could my URL get redirected to Metamark? Before today I have never been to the site.
I’m frustrated
1 person has this question
I have this question, too!
Tell me when someone answers.
The more people who ask this question, the more it gets noticed.
The more people who ask this question, the more it gets noticed.
The best answer from the company
-
Hi Wineward & Phil,
A few others emailed me the same question. What happened to them was that someone hacked their unpatched/insecure installation of WordPress and replaced the site with a redirect to their website.
They used Metamark as an intermediary between your website and theirs. When we found out the short Metamark URL the hacker/spammer had used was disabled and that's how you end up on http://xrl.us/kk3w6 when you go to your site (before we disabled it, a user going to your site ended up on the hacker/spammers website).
update: see below for more information.
- ask
The company says
this answers the question
-
-
Inappropriate?Hi Wineward & Phil,
A few others emailed me the same question. What happened to them was that someone hacked their unpatched/insecure installation of WordPress and replaced the site with a redirect to their website.
They used Metamark as an intermediary between your website and theirs. When we found out the short Metamark URL the hacker/spammer had used was disabled and that's how you end up on http://xrl.us/kk3w6 when you go to your site (before we disabled it, a user going to your site ended up on the hacker/spammers website).
update: see below for more information.
- ask
The company says
this answers the question
-
Inappropriate?I had a look at the columbusfoodandwine.com website. What the hacker did was insert the following bit of obfuscated Javascript to make your site send the users to another page as soon as your page loaded.
Remove it to stop it from happening. But! It's important that you secure your WordPress installation at the same time. It's not really clear from their announcement, but basically then some versions before 2.5.1 were insecure so anyone could "take over" your weblog.
http://wordpress.org/development/2008...
- ask1 Comment Add a comment
This answers the question
-
The same thing has happened to my site. Can you elaborate on which file contains the javascript? can you send me the javascript I need to remove? -
Inappropriate?Help! the same thing has happened with my website: http://myoccupiedterritory.net/ and it's being redirected to http://xrl.us/kk3w6.
Can you please provide more information on how to resolve this problem? Thanks!
-
Inappropriate?This happened to me, also. My site is http://tunesmith-anthony.com and it's being redirected to http://xrl.us/kk3w6 also. -
Inappropriate?Hi everyone,
Those of you who sent URLs all appear to be using WordPress, so it surely is the same problem. You need to ask your hosting provider or whoever installed WordPress for you - or find a WP forum to get help upgrading it to a secure version.
The script that does the redirect is on your front pages and all include this bit of text: "function Decode()". I'm not familiar with WordPress (other than what I read up on about its security problems after this incident), so I don't have any ideas which template the worm/hacker changed.
- ask -
Inappropriate?Got the same problem, and i'm also running WordPress. Been talking to my provider the last 15 min, and they are still looking to solve the problem.
If you are looking for the easiest way out (without solving the problem) i would recomend reinstalling the skin you are using on your page, or simply choose another skin.
I'm using a different skin while looking to solve the problem, and would very much hear if anyone has been able to locate it.
And...needless to say: my wordpress will be updated tonight:) -
Inappropriate?Also:
Wordpress Blogs using Vistered Little are being targeted by hackers
Over the last two days the number of 404s on my site increased significantly. Further investigation revealed that attempts were being made to access unusual URLs to gain access to files they wouldn't normally have access to.
More here: http://windyroad.org/2007/05/30/secur... -
Inappropriate?Same problem with redirection. anyone knows how to delete it? -
Inappropriate?One user wrote to me:
"Thank you very much for your response and please accept my apologies, as it seems your company really had nothing to do with it. If it proves helpful, the javascript responsible for the redirect was located in my themes header.php, which I was able to correct from the Word Press control panel."
I hope this is helpful. -
Inappropriate?very helpful! thank you. i didn't know which page to look for the code. here is what i cut out of my header.php page:
EMPLOYEE