×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
aktxyz
Former Member
Message 1 of 3

Site flagged by SiteAdvisor Incorrectly - Need help to determine why?

http://www.siteadvisor.com/sites/www.jwaala.com

How can we determine what it is that is causing mcafee siteadvisor to flag our site as "Use with extreme caution".

We are not spam/porn/etc or anything bad.  This is causing us some serious problems.

-- Thank you

2 Replies
k3tg
Reliable Contributor
Reliable Contributor
Message 2 of 3

Re: Site flagged by SiteAdvisor Incorrectly - Need help to determine why?

will assist you in getting your issue resolved

Hayton
Reliable Contributor
Reliable Contributor
Message 3 of 3

Re: Site flagged by SiteAdvisor Incorrectly - Need help to determine why?

Tom K3TG is right, I'm afraid, you'll have to contact either SiteAdvisor or TrustedSource (the link Tom provided also covers TrustedSource).

You're an established site, I looked you up. You even got a write-up last year as a Microsoft Case Study. However, according to Trusted Source yours is now a Malicious Site, and given that Jwaala "provides online personal finance management solutions for banks and credit unions" it is possible that your site has somehow been compromised. As a financial site it would be a prime target for hackers and malware distributors.

As a quick check I ran your site through Sucuri, and it came back with the following warning :

Sucuri SiteCheck - jwaala.png

- and the mention of WordPress rang an alarm bell. I checked back through the last week's reports of trouble and found this article detailing an attack on WordPress sites :

"A few days ago, hundreds of websites, based on WordPress 3.2.1, were compromised. The attacker uploaded an HTML page to the standard Uploads folder and that page redirects the user to the Phoenix Exploit Kit. Its logs show that users from at least four hundred compromised sites were redirected to Phoenix exploit pages ...."

Your site is almost certainly one of those compromised sites, and if so having an out-of-date version of WordPress would have been the reason the attack succeeded.

The subject is also analyzed in an article by Websense ("3-2-1 Wordpress vulnerability leads to possible new exploit kit") which has this to say :

The number of Web pages running the vulnerable, targeted version of Word Press 3.2.1 is in the hundreds of thousands. It is unknown at this time how the attackers are choosing which sites to infect.


What To Do If You Are Running WordPress 3.2.1

If you're running WordPress 3.2.1, we recommend that:

  1. You upgrade to the latest stable version of WordPress.
  2. Check the source code of all your Web pages to see if you've been infected (see the code above). If you have been infected, be sure to upgrade WordPress while simultaneously removing the injected code so that your Web pages aren't simply being reinfected after being cleaned.

I suggest you read through the articles linked to above, and then check your site code to see if any of the injection code highlighted in the articles is present anywhere, before contacting TrustedSource. If you can confirm that your site is clean then it should be relatively easy to retest and re-rate it.

Message was edited by: Hayton on 04/02/12 05:50:24 GMT

Message was edited by: Hayton - Jive lost the Sucuri screenshot image - on 06/02/12 12:29:53 GMT
How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community