I got a call from a friend telling me that when she visited my site her computer downloaded malware. Then another call, this time from the folks at MarketingProfs telling me that they had the same experience and were removing links to my site out of concern for their readers. (I like their pro-active response.)
So I contacted my ISP, Bluehost and was shocked to receive the following response:
It appears the hacker have injected code into each of you php pages on your site. They have also uploaded files called ‘uvk.php’, hilton_johan sebastian.php” and ‘oliver_gillie.php’ as well as a hidden folder called ‘.files’.
You will need to remove the code that they injected from every page of your site.
My site had been hacked!
Fortunately for me, they included a link to a simple solution. Within 10 minutes, I got the all clear sign from Bluehost.
Your account looks clean. I would highly advise that you update all of your scripts to prevent a future injection attack like this.
To any of you that visited my site in the past 3 to 4 days and encountered malware – I apologize for the inconvenience.
