I’ve had several people contact me in the last week or two about my blog causing virus alarms all over the place on their computer. I’ve talked to my host and they didn’t really offer any helpful insight (I should switched a long time ago.) and I was starting to get really frustrated. I finally asked the last few people who mentioned it to send me information about what their computer was telling them. Finally? I got a lead.
Turns out some malicious code had been inserted into one of my recent WordPress entries. How they did that – I have no idea. I have changed all passwords and upgraded the the latest copy of WordPress to keep it from happening again. But, I thought I’d share with you how I found the code.
One of the articles someone sent me mentioned the term “iframe” as a way to identify this type of malicious code. I loaded up my blog and then did a “Ctrl+U” to view the source of the page. Then I did a “Ctrl+f” to search the page for the phrase “iframe”. I found the line of code you see in the below picture.
Oddly enough, it was inside an entry I had written recently. When I went back to my WordPress dashboard and went to edit that entry, I found that line of code inside of the entry. I have no idea how it got there but I removed it immediately. I am hoping this solved the problem (I did a database search for similar results and found nothing else) but more importantly – I wanted to help others who may have been as lost as I was to hear their website was triggering virus alerts.
So…if you get an email from someone saying your website turned on their virus alerts or gave them some sort of “Malicious Code!” warnings – do a search for the term “iframe” and hope you don’t find anything.
Stupid hacking bastards. Why can’t they leave a boring Mommy Blogger like me alone? Bah.