(07-22-2015 07:44 AM)DimDom Wrote: [ -> ]Oh crap... Got same thing here. If i remove all pomo directory, site gives fatal error. So I can`t even keep the site. Wasted my f***ing time, money and effort. Little peace of sh*t.
Does anyone knows someone who can do similar service but without the crap?
Instruction to clear the malware:
delete all the files in your pomo directory, go to Wordpress.org and download a new copy of WP, unzip and upload just the pomo directory to your site via FTP.
install security plugin like Wordfence and scan your entire WP install for other rogue files.
Just discard the site and domain immediately.
Once 5 to 10 people press SPAM button on their end, Hosting will shut your account down.
In my case, I was lucky that no one reported probably because all mails probably landed in SPAM folder, so no one may have seen it at all.
But your domain would be useless now. No decent mails would land up in Gmail INBOX, as this domain has been already used for spamming.
Just discard this domain and move on.
OP, I want my refund.
Please report the thread to MODS. multiple reporting would get their attention.
(07-22-2015 01:19 AM)xell Wrote: [ -> ]Hey man,
I have also the pomo directory....
What was the malicious file, so I can check?
Thank you.
The pomo directory comes with default official wordpress platform.
You can also download from
https://wordpress.org/download/ to check yourself.
As for malicious code, feel free to check via
https://www.virustotal.com/ which is the authority to check virus/malicious stuff. You can also ask hosting staff to check for you.
Hope that make sense and feel free to let me know for any other issues:)
(07-22-2015 06:32 AM)shzahsana Wrote: [ -> ]My hosting found this same issue and suspended my account. They said the same thing about email spamming. I thought it was my fault but then checked. Now I see what you mean.
OP you got to do some serious explanation. This is not cool. If I had any clients and paid you for their website, you would have probably done the same thing... I cant imagine :/ this would have killed my reputation and put me into legal stuff.
I am not blaming you straight up. BUt how do you explain 3-4 people facing the same issues?
Speak up now. Prove us wrong.
Still not sure why you needed the cpanel logins when you could easily upload your wordpress theme directly from dashboard :/ hmmm
Man, I was getting excited to send you clients and then you F@$%^ up.. #smh #fml
Could you give more details on email spamming? Is it as mentioned by HarryLaw that system sending emails from your admin email, or you are receiving spamming emails. If it's the latter case, that could happen to every website, including ours as well, as you can't control people who send spamming or advertising emails.
As for malicious code, we tested every website on virustotal.com, and for agency site, we asked hosting staff to check as well, there is no malicious script in it, and that is never gonna happen when we put up your website. A possible reason is that site is compromised because people keep using simple passwords for long when we initially set up on the site.
As for cpanel, it's already mentioned, we tried to eliminate as much work as possible from your end, to make it a real Done-For-You business website. If you prefer to install wordpress or something else and go from there, you can surely let us know. But by default, we will handle all technical work, which I don't think there is anything wrong with it.
(07-22-2015 08:40 AM)Skunkworks Wrote: [ -> ]Instruction to clear the malware:
delete all the files in your pomo directory, go to Wordpress.org and download a new copy of WP, unzip and upload just the pomo directory to your site via FTP.
install security plugin like Wordfence and scan your entire WP install for other rogue files.
Thanks for that.:)
We treat each member as our partner, when you grow up your business and make profits, we do as well.
There is no reason we will install any malicious script on the business agency website from whatever perspective, and we stand by that 100%.
We have almost 200 premium members, not ever received any single email/message before about the malicious issue except HAPPYLAW.
We do apologize, as we are partially responsible for that, not because we installed any malicious code, but the simple password we used initially while setting up the website, as people may still use that which we didn't expect. That is potential cause which makes website compromised possibly.
VirusTotal will not pick up exploits in plugin/theme code.
After reading through all of this, are you are using a nulled script you got from somewhere else and installing this on peoples servers along with wordpress?
If this ISN'T an open password issue, you need to scan for exploits in your scripts or hire someone that knows what they are doing to find the exploits for you.
Do not ignore this message or you risk having your BSO deleted.
(07-22-2015 01:03 PM)NonConformer Wrote: [ -> ]VirusTotal will not pick up exploits in plugin/theme code.
After reading through all of this, are you are using a nulled script you got from somewhere else and installing this on peoples servers along with wordpress?
If this ISN'T an open password issue, you need to scan for exploits in your scripts or hire someone that knows what they are doing to find the exploits for you.
Do not ignore this message or you risk having your BSO deleted.
That is a big NO! We never used nulled script and install on member's websites.
The agency website demo is also running on our own server, if there is any malicious or email spamming issues, hosting staff already notified us or it's already been shutdown long time ago.
In addition, we didn't receive any messages/emails about such problem before except HAYYYLOW. That is why I mentioned about the simple password issue which might possibly be the cause, and we are more than glad to fix if that is the case. We have been providing services for around one year now, if there is any problem on our side, we will definitely take care.
It does seem very odd to me. Why would someone providing a service like this deliberately place such a malicious code? For what purpose? They are trying to build an ongoing business - not short time spamming gains. I think it likely that the issue is as presented - a weak password vulnerability. Otherwise ALL of jackie2011ws customers would be up in arms surely?
I certainly hope so, as I am interested in this offering.
Yeah I agree, what would be the point of doing it? Better off building a reputable business I would think.
jt
(07-22-2015 07:54 PM)midastouch Wrote: [ -> ]It does seem very odd to me. Why would someone providing a service like this deliberately place such a malicious code? For what purpose? They are trying to build an ongoing business - not short time spamming gains. I think it likely that the issue is as presented - a weak password vulnerability. Otherwise ALL of jackie2011ws customers would be up in arms surely?
I certainly hope so, as I am interested in this offering.
Exactly! That is what I'm trying to say in previous posts.
We are here to help establish your own white label business, rather than simply selling a website and go away.
This is a win-win-win business for clients, our members and us, and we surely want to establish long term relationship with everyone.