Website and forums "hacked"....
Posted: Tue Mar 14, 2017 2:06 am
If you try to enter the jyetech.com website or forums from Google results, you end up on dodgy adult websites. This ONLY happens if you come via Google - other links, bookmarks, etc are fine.
Google itself is now warning about it, although it wasn't a couple of days ago, so the "hack" is probably recent.
In case it helps clean things up - I've had a similar issue with websites I've maintained in the past, and every time it's been code added at the very top or very bottom of the PHP file (unfortunately it gets added to every file with write access). It's normally pretty obvious because they encode their code as base64, and stick it inside a "eval(base64_decode(<their data>))", so finding anything starting with "eval(base64_decode" in your PHP is bad news (but also good news - you've found it).
Google itself is now warning about it, although it wasn't a couple of days ago, so the "hack" is probably recent.
In case it helps clean things up - I've had a similar issue with websites I've maintained in the past, and every time it's been code added at the very top or very bottom of the PHP file (unfortunately it gets added to every file with write access). It's normally pretty obvious because they encode their code as base64, and stick it inside a "eval(base64_decode(<their data>))", so finding anything starting with "eval(base64_decode" in your PHP is bad news (but also good news - you've found it).