Go Back   MacRumors Forums > Special Interests > Visual Media > Web Design and Development

Reply
 
Thread Tools Search this Thread Display Modes
Old Apr 4, 2012, 06:49 PM   #1
AeroUK
macrumors 6502
 
Join Date: Jan 2008
Location: New York
Please help: Java trying to access computer from my website

Hi everyone,

I use wordpress to host my site www.aaronshort.com

Recently when I load the site I have a Java applet to access my computer while on the main page. I have attached a screen grab. If someone could help me I would really appreciate it.

Best

Aaron
Attached Thumbnails
Click image for larger version

Name:	Website Error.jpg
Views:	220
Size:	409.5 KB
ID:	334208  
AeroUK is offline   0 Reply With Quote
Old Apr 4, 2012, 10:00 PM   #2
CrickettGrrrl
macrumors 6502a
 
CrickettGrrrl's Avatar
 
Join Date: Feb 2012
Location: B'more or Less
Quote:
Originally Posted by AeroUK View Post
Hi everyone,

I use wordpress to host my site www.aaronshort.com

Recently when I load the site I have a Java applet to access my computer while on the main page. I have attached a screen grab. If someone could help me I would really appreciate it.

Best

Aaron
Did you install the latest Java patch in Software Update this week?

I was just reading this article about the java exploit in Ars, you might want to take a look at it:
http://arstechnica.com/apple/news/20...0#comments-bar
CrickettGrrrl is offline   0 Reply With Quote
Old Apr 6, 2012, 12:38 AM   #3
AeroUK
Thread Starter
macrumors 6502
 
Join Date: Jan 2008
Location: New York
It is not that, I think it is a virus in my site but I have no idea what to do!
AeroUK is offline   1 Reply With Quote
Old Apr 6, 2012, 10:48 AM   #4
jared_kipe
macrumors 68030
 
jared_kipe's Avatar
 
Join Date: Dec 2003
Location: Seattle
Send a message via AIM to jared_kipe
Do you not have a local copy somewhere? Delete it from the host and re-upload your local copy.
jared_kipe is offline   0 Reply With Quote
Old Apr 6, 2012, 12:04 PM   #5
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by AeroUK View Post
It is not that, I think it is a virus in my site but I have no idea what to do!
It's not a virus, since there are no Mac OS X viruses in the wild. It's simply a website requesting access to your computer. Just click "Deny". That's all you need to do.
GGJstudios is offline   1 Reply With Quote
Old Apr 6, 2012, 12:07 PM   #6
SandboxGeneral
Moderator
 
SandboxGeneral's Avatar
 
Join Date: Sep 2010
Location: The New World
Quote:
Originally Posted by GGJstudios View Post
It's not a virus, since there are no Mac OS X viruses in the wild. It's simply a website requesting access to your computer. Just click "Deny". That's all you need to do.
While true, the OP is saying that he didn't install this applet into his website, which means his site was possibly hacked and someone else put this applet in there. He wants to know what happened to his site and how to fix it.

That's what it sounds like he is saying to me anyway.
__________________
"Gee, I've been on this diet only ten minutes and I've already lost something, my sense of humor."
••• SandboxGeneral.com •••
SandboxGeneral is offline   1 Reply With Quote
Old Apr 6, 2012, 12:08 PM   #7
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by SandboxGeneral View Post
While true, the OP is saying that he didn't install this applet into his website, which means his site was possibly hacked and someone else put this applet in there. He wants to know what happened to his site and how to fix it.

That's what it sounds like he is saying to me anyway.
It appears to be something from WordPress, not a hacker.
GGJstudios is offline   1 Reply With Quote
Old Apr 6, 2012, 12:14 PM   #8
SandboxGeneral
Moderator
 
SandboxGeneral's Avatar
 
Join Date: Sep 2010
Location: The New World
Quote:
Originally Posted by GGJstudios View Post
It appears to be something from WordPress..
Right, and that's what the OP is inquiring about. OP owns the website from Wordpress and did not install this applet into his website. A Google search of the Java applet shows a Brazilian website as it's source. OP wants to know how to get this applet out of his website.
__________________
"Gee, I've been on this diet only ten minutes and I've already lost something, my sense of humor."
••• SandboxGeneral.com •••
SandboxGeneral is offline   0 Reply With Quote
Old Apr 6, 2012, 12:47 PM   #9
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by SandboxGeneral View Post
Right, and that's what the OP is inquiring about. OP owns the website from Wordpress and did not install this applet into his website. A Google search of the Java applet shows a Brazilian website as it's source. OP wants to know how to get this applet out of his website.
If you go to the site and click View > View Source you can see the HTML for the site. Also, you can right-click on any item and select "Inspect Element" to learn more.
GGJstudios is offline   1 Reply With Quote
Old Apr 7, 2012, 12:40 PM   #10
AeroUK
Thread Starter
macrumors 6502
 
Join Date: Jan 2008
Location: New York
Sandbox General, that is exactly right.

My site is hosted on Bluehost and is a WordPress site so I cannot scan the files offline.

The applet can be ignored on a PC with IE but my Mac asks to accept the applet every time. I just need to find out how to stop this happening. Does anyone know?

Best

Aaron
AeroUK is offline   0 Reply With Quote
Old Apr 7, 2012, 01:11 PM   #11
SandboxGeneral
Moderator
 
SandboxGeneral's Avatar
 
Join Date: Sep 2010
Location: The New World
Quote:
Originally Posted by AeroUK View Post
Sandbox General, that is exactly right.

My site is hosted on Bluehost and is a WordPress site so I cannot scan the files offline.

The applet can be ignored on a PC with IE but my Mac asks to accept the applet every time. I just need to find out how to stop this happening. Does anyone know?

Best

Aaron
You're going to have to look over your code for the malicious code that doesn't belong and remove it.

Also, make sure you're using a strong password for administrative access, and change it right away, regardless. If anyone has delegated authority to the site, make sure you have them change their passwords and make them strong.

Then make sure you have any software you're using with Wordpress is fully up-to-date.
__________________
"Gee, I've been on this diet only ten minutes and I've already lost something, my sense of humor."
••• SandboxGeneral.com •••
SandboxGeneral is offline   0 Reply With Quote
Old Apr 9, 2012, 03:18 PM   #12
CrickettGrrrl
macrumors 6502a
 
CrickettGrrrl's Avatar
 
Join Date: Feb 2012
Location: B'more or Less
Quote:
Originally Posted by AeroUK View Post
Hi everyone,

I use wordpress to host my site www.aaronshort.com

Recently when I load the site I have a Java applet to access my computer while on the main page. I have attached a screen grab. If someone could help me I would really appreciate it.

Best

Aaron
Hi AeroUK,

I hope your problem is resolved now. I just read the following on MacWorld, --remembered your post and thought you might be interested:

Quote:
“A lot of things happened at the same time,” said Mike Geide, senior security researcher at Zscaler ThreatLabZ. “There have been mass compromises of WordPress sites, and the controllers [for those hijacked websites] match the domain structure Doctor Web described. That’s been ongoing since at least early March.”

WordPress is a popular open-source blogging and content management platform used by about one in seven websites.

Those usurped WordPress sites have been redirecting users to malicious URLs, where hackers have hosted the Blackhole exploit kit. Blackhole tries multiple exploits, including several aimed at Java bugs on Macs, to compromise machines.

The sheer size of the WordPress installed base and the scope of the WordPress injection campaign means that it would not have been impossible for hackers to poison more than 600,000 Macs.

“The number is entirely feasible,” said Brett Stone-Gross, a security researcher with the Counter Threat Unit of Dell SecureWorks. Atlanta-based SecureWorks is well-known for its botnet research.
http://www.macworld.com/article/1166...on_target.html
CrickettGrrrl is offline   0 Reply With Quote
Old Apr 12, 2012, 12:38 AM   #13
Consultant
macrumors G5
 
Consultant's Avatar
 
Join Date: Jun 2007
Quote:
Originally Posted by AeroUK View Post
Sandbox General, that is exactly right.

My site is hosted on Bluehost and is a WordPress site so I cannot scan the files offline.

The applet can be ignored on a PC with IE but my Mac asks to accept the applet every time. I just need to find out how to stop this happening. Does anyone know?

Best

Aaron
You can access the files through FTP.

I am guessing you have a weak password and they brute forced it.

By the way saying this is wrong "I use wordpress to host my site" when you are "Using self-hosted wordpress"
Consultant is offline   0 Reply With Quote
Old Apr 13, 2012, 12:43 AM   #14
AeroUK
Thread Starter
macrumors 6502
 
Join Date: Jan 2008
Location: New York
OK so should I change my password and then try to get my files downloaded and scanned from the FTP server?

I have not had the problem for the past few days...
AeroUK is offline   0 Reply With Quote

Reply
MacRumors Forums > Special Interests > Visual Media > Web Design and Development

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
can not access school's website Gonzo3333 OS X 4 Aug 28, 2013 11:51 AM
Someone used Safari remote login to access my computer. What did he have access to? zephonic OS X 10.8 Mountain Lion 2 Jul 25, 2013 10:52 PM
Cannot Access a Website jisaac Web Design and Development 11 Apr 11, 2013 07:18 AM
How do you know your computer was infected with Java zero day exploit? clukas OS X 10.8 Mountain Lion 6 Jan 20, 2013 01:09 AM
'Blocked' website access jonparadise Mac OS X 10.7 Lion 0 Jul 8, 2012 11:34 AM

Forum Jump

All times are GMT -5. The time now is 08:22 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC