Please help: Java trying to access computer from my website

Discussion in 'Web Design and Development' started by AeroUK, Apr 4, 2012.

  1. AeroUK macrumors 6502

    Joined:
    Jan 6, 2008
    Location:
    New York
    #1
    Hi everyone,

    I use wordpress to host my site www.aaronshort.com

    Recently when I load the site I have a Java applet to access my computer while on the main page. I have attached a screen grab. If someone could help me I would really appreciate it.

    Best

    Aaron
     

    Attached Files:

  2. CrickettGrrrl macrumors 6502a

    CrickettGrrrl

    Joined:
    Feb 10, 2012
    Location:
    B'more or Less
    #2
    Did you install the latest Java patch in Software Update this week?

    I was just reading this article about the java exploit in Ars, you might want to take a look at it:
    http://arstechnica.com/apple/news/2012/04/flashback-trojan-reportedly-controls-half-a-million-macs-and-counting.ars?comments=1&start=0#comments-bar
     
  3. AeroUK thread starter macrumors 6502

    Joined:
    Jan 6, 2008
    Location:
    New York
    #3
    It is not that, I think it is a virus in my site but I have no idea what to do!
     
  4. jared_kipe macrumors 68030

    jared_kipe

    Joined:
    Dec 8, 2003
    Location:
    Seattle
    #4
    Do you not have a local copy somewhere? Delete it from the host and re-upload your local copy.
     
  5. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #5
    It's not a virus, since there are no Mac OS X viruses in the wild. It's simply a website requesting access to your computer. Just click "Deny". That's all you need to do.
     
  6. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #6
    While true, the OP is saying that he didn't install this applet into his website, which means his site was possibly hacked and someone else put this applet in there. He wants to know what happened to his site and how to fix it.

    That's what it sounds like he is saying to me anyway.
     
  7. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #7
    It appears to be something from WordPress, not a hacker.
     
  8. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #8
    Right, and that's what the OP is inquiring about. OP owns the website from Wordpress and did not install this applet into his website. A Google search of the Java applet shows a Brazilian website as it's source. OP wants to know how to get this applet out of his website.
     
  9. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #9
    If you go to the site and click View > View Source you can see the HTML for the site. Also, you can right-click on any item and select "Inspect Element" to learn more.
     
  10. AeroUK thread starter macrumors 6502

    Joined:
    Jan 6, 2008
    Location:
    New York
    #10
    Sandbox General, that is exactly right.

    My site is hosted on Bluehost and is a WordPress site so I cannot scan the files offline.

    The applet can be ignored on a PC with IE but my Mac asks to accept the applet every time. I just need to find out how to stop this happening. Does anyone know?

    Best

    Aaron
     
  11. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #11
    You're going to have to look over your code for the malicious code that doesn't belong and remove it.

    Also, make sure you're using a strong password for administrative access, and change it right away, regardless. If anyone has delegated authority to the site, make sure you have them change their passwords and make them strong.

    Then make sure you have any software you're using with Wordpress is fully up-to-date.
     
  12. CrickettGrrrl macrumors 6502a

    CrickettGrrrl

    Joined:
    Feb 10, 2012
    Location:
    B'more or Less
    #12
    Hi AeroUK,

    I hope your problem is resolved now. I just read the following on MacWorld, --remembered your post and thought you might be interested:

    http://www.macworld.com/article/1166255/security_experts_600_000_plus_estimate_of_mac_botnet_likely_on_target.html
     
  13. Consultant macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #13
    You can access the files through FTP.

    I am guessing you have a weak password and they brute forced it.

    By the way saying this is wrong "I use wordpress to host my site" when you are "Using self-hosted wordpress"
     
  14. AeroUK thread starter macrumors 6502

    Joined:
    Jan 6, 2008
    Location:
    New York
    #14
    OK so should I change my password and then try to get my files downloaded and scanned from the FTP server?

    I have not had the problem for the past few days...
     

Share This Page