« Article Directory Cash Generates Spam
Sales Letter in a Box Bonus »

Article Directory Cash Security Fix

Thanks to the quick response of Dirk Wagner from http://www.internetmarketingoasis.com all webmasters who installed Article Directory Cash on their sites can now fix the security hole.

Dirk just sent me the following message:

I have had similar problems with that script. A hacker was able to change all my php config files at the server so that my visitors will be redirected to a virus download page.

I contacted the creator of that script and he sent me a fix. You’ll find it attached so that you can test it. I haven’t tested this fix myself since I removed the script from my server.

I uploaded the script fix to our server and you can download it from this link:

http://www.letsmakesoftware.com/dlc/ArticleSite-SecurityFix.zip

However…

I also just got this message from my host:

I tried to download the script again last night to do a comparison with WinMerge and check for differences in mine and the fresh version. Norton alerted me of a Trojan in the download file. Strange!

Then I got another message from Dirk…

Yes it is a trojan and it adds an iframe code to all your php config files so when a visitor comes to a php script based
website they will be redirected to a website where a virus download starts.

This happens for this cash script the same as with Jeremy Burns “Your own Article Directory”. But this fix should solve that.

It is also possible that the script is distributed under various names. Here’s another message I received from Rangoo Srinivas:

I’m using an Article Directory on one of my sites http://www.nicheprofits.info - the script did not come in the name of Article Directory Cash, it is called My Article Site.

I think it’s the same script. When I checked the install files of My Article Dir, I found another name in it - Article Beach. Probably it’s a private label thing and Article Beach is the original name. The fix for Article Directory Cash also had Article Beach in it. So I’am guessing it’s the same thing.

I hadn’t had the problems that were mentioned in your message board - script redirecting to another page, or sending spam emails. But I installed the fix just in case.

Keeping my fingers crossed :-)

Please note that I am only the messenger of this alert!

I have never installed Article Directory Cash myself so I really wouldn’t know what it looks like, how it works and how you can find out if your version has been compromised!

Anyone with additional experience is most welcome to post your experiences at the forum. There is a separate thread for this script alert in the Software Café category:

http://www.letsmakesoftware.com/forum/viewtopic.php?t=516

Thank you Dirk, Glenn and Rangoo. I hope nobody else will suffer from being hacked!

Patricia

This entry was posted by Patricia & Matt on Wednesday, April 19th, 2006 at 3:05 pm and is filed under miscellaneous, scripts. You can print it out or email it to friends . You can also leave a response, or trackback from your own site.

Leave a Reply

Creating your own software has never been easier…