This is the thread I read through that had links showing it was an issue in Vbulletin. Redirects from google.....
Printable View
This is the thread I read through that had links showing it was an issue in Vbulletin. Redirects from google.....
Ha ha ha... You linked off to a forum Stealthee is a member on concerning this same issue!!!
http://3s.gonzoinc.com/albums/userpi...03_12%20AM.png
I'll take a look when I get home.
alright, fair enough...
Redirects from google..... - Page 3
...sounds like theirs was a datashare issue, but wouldnt EVERYONE (or at least 50%) be seeing same?
I just got the redirect also doing a Google search.
Alan - Check your remote Mysql connections in cpanel. Remove any entries that have a wildcard "%", Then disable/renable all plugins in vbulletin. That will clear out the datastore on the DB where the exploit base64 is sitting. Change all passwords also.
Here is the full thread: https://www.vbulletin.com/forum/show...ht=myfilestore
Guys - This is not a virus on your PC. It is a hacking attempt on the 3sgto server.
This will only affect people searching on major search engines and clicking on a link from that search engine trying to get to this site. it will redirect them to the filestore site which contains malware.
The exploit looks at the referrer in the request. Most likely your using an email client where the top level domain is also a well know search engine "IE Google, Yahoo, Etc"