Last month, our office network was seriously affected by an Iframe malicious code, which is a Malware.  It has not only affected our  network, but our business too .  It was again a serious challenge to our online business and took some time to recover from it.  Therefore, I thought it would be helpful for other webmasters, web developers and other avid blogger how to over come this issue by reading this post.

Let’s see how it affects your network:

This Iframe virus gets the user name and password from the FTP client.  With the help of the FTP user name and password, the  virus downloads the index files ( index.html, index.php and etc) and injects the Iframe code and re-uploads it to the server. Therefore, when anybody accessing  the website gets infected by it.

Here is a sample Iframe virus code for your perusal:

Fixes:

• Please ensure that your code doesn’t contain any malicious code or any such vulnerabilities.
• You can enforce your office network with sufficient safety precautions
• Advise your clients to reset their FTP and database passwords at a periodic intervals and also not to save the password on your FTP client
• You may also recommend them to have a jumbled passwords such as )$%*#^&

I just cleaned my site after a malware attack. Now what?

You can request a review via Google’s Webmaster Tools and you can see the status of the review there.  Please check with the screen shot below

Sign into Google Webmaster Tools with your Google Account.

• Click Add a site,  and type the URL of the site you want to add.  Make sure you type the entire URL,  such as http://www.example.com/

• Click Continue. The Site verification page opens.

• (Optional) In the Name box, type a name for your site (for example, My Blog)

• Select the verification method you want.

1. Meta tag: We will ask you to add a meta tag with a unique value to your site’s home page. This is the easiest solution if editing your home page’s HTML is easier than uploading new files. In addition, this solution lets you easily verify sites you’ve created using Google Sites.
2. HTML file: We will ask you to create a file with a specific name and upload it to a specific directory on your webserver. The file can be empty—Google cares only about the file’s location, not about its content.

Google says you should see the removal of the malware warning from the search results within about 24 hours. But if the malware is still present, Google will tell you where to find it, URL by URL.

Here is a screen capture of the Google malware request form found within Google Webmaster Tools.

Hope this post is helpful to you and please leave your comments if you need any further information .