We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 37042
    • 384 Posts
    One of my clients 2.2.14 sites has been hacked. We're not in charge of patching / maintaining their install otherwise they'd be running 2.2.16 onwards.

    It looks like they're injecting a CSS selector into the Head which pushes the offending content off the screen. Effecticaly, you wouldn't see the malicious content and I can't even see the selector when viewing the source.

    <style>
    .icfzufcs	{
    	position:absolute; left:4000px;
    }
    </style>


    Does anyone know how this works. IE Has the site login and manager been comprimised or is this likely a breach involving a malicious file sitting on the server?

    In the meantime, I'm going to upgrade to 2.2.16
      ...
      • 37042
      • 384 Posts
        ...