HTML/Infected.WebPage.Gen on their web site?

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi all,

As anyone here had a HTML/Infected.WebPage.Gen on their web site?

My ISP says it was an SQL injection attack, but from reading the description below, it looks like a server attack?

The ISP now want me to pay £400 to get the data restored.

My word against theirs and they have the data.

Regards
Picc



------------------
HTML/Infected.WebPage.Gen

Description:
A common attack against the web infrastructure can be the infection of harmless web pages. Some malware changes every HTML file stored on the disc and adds a link (very often an IFrame) to a site hosting malicious code. Other attacks can aim for the web servers and try to insert forwarding to the pages hosted there. The owner of these pages is advised to take them offline. Fix the hole (either on his own PC or on the server), check the pages for infections, clean them and go online again. Infected Web Pages often contain additional Iframe, Object or Script Tags. The Script Tags often contain encrypted Code.
------------------

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Um... A SQL Injection is a server attack. SQL Injection attacks arise from improperly validated user input. This usually takes the form of attempting to 'inject' (hence the name) data that contains backe-end commands into an input form. For instance, a password reset form on a website might execute a command on the back-end DB that says 'retrieve password for user x and email them'. If the front-end app is not coded to scrape user inputted data correctly a malicious user may be able to 'escape' out of the form by putting, for instance, a single quote (') in the form and then adding their own malicious code afterward.

The code on your site obviously isn't sanitised against malicious input - in which case the ISP isn't responsible - you, as the webmaster, are. You need to make sure you validate all user input thoroughly to mitigate against this risk.

 

ultimately, even if it was a server attack, the likelyhood is that the T's&C's you signed with the host declare that they are not liable for the loss of any data you place on their site. In this case, it makes not a jot who/what is at fault, you should (in their expectation), have backed up the data on the site.

 

I was hoping our off-site Web team would have done that. Nope.

Guess who gets the grief!