problem with ad in my template

Questions related to the configuration of Joomla, Templates, and Security related questions/issues
Rate this topic: Evaluations: 0, 0.00 on the average.Evaluations: 0, 0.00 on the average.Evaluations: 0, 0.00 on the average.Evaluations: 0, 0.00 on the average.Evaluations: 0, 0.00 on the average.Evaluations: 0, 0.00 on the average.
GK User
Mon Jul 31, 2017 9:20 am
Hi,
I am using the Joomla Magazine template. Last Friday, to my surprise, I was informed that my non-profit website redirects to ads (virus/porn ads). After two members told me about the same page (https://picturesofindia.org/fr/blog-fr/41-festival-2017), they clicked on the link from a Facebook post: https://www.facebook.com/PicturesOfIndi ... 5090210942

I asked my host to have a look as I thought it was a virus. They replied the following (I'm translating from French) and that's where I need help. Is this a normal feature in the gk_template? Can the javascript redirect be removed? Please help.
"I think I have identified the origin of the redirection by analysing your website code. Your website was not hacked but your theme apparently has distant code.
1) Your page calls the following javascript file:
https://s3-eu-west-1.amazonaws.com/asse ... gin.min.js
2) The code in that file redirects when some conditions are fulfilled to
http://get.imobilecontent.tk/?utm_mediu ... ws_bb_2&1=
3) The above URL shows "advertisement"
According to the what I can see, the javascript mentioned in point 1 is part of the "cookie consent" of the gk_magazine template.
I can only advise you to turn off this functionality in your theme and look for an alternative if you really need this."

Thanks for your support, sincerely,
Joanie
User avatar
Fresh Boarder

teitbite
Wed Aug 02, 2017 10:18 am
Hi

Please disable Your Cookie plugin and replace it with some 3rd party. I'm afraid the one template was using got hacked.
User avatar
Moderator

GK User
Wed Aug 02, 2017 4:42 pm
Did my template get hacked or everyone using the Magazine template will have the same problem?
If only mine, can it be resolved? How? Would you be able to help?
Also, I looked all around but can't find how to remove this option. Please advise.
Thanks a lot, Joanie
User avatar
Fresh Boarder

teitbite
Mon Aug 07, 2017 4:00 pm
HI

Template was not hacked. Only the Cookie plugin was affected. In fact the plugin stopped existing and hackers has bought same domain to replace it with their code, so simply by not using this plugin site is safe from this attack.
User avatar
Moderator

GK User
Tue Aug 08, 2017 8:00 am
Got it, thanks a lot.
Are you going to update the Template with another cooking plugin? Because that plugin was part of the Template, I didn't install it.
Sincerely,
Joanie
User avatar
Fresh Boarder

teitbite
Tue Aug 15, 2017 11:25 am
Hi

We've only borrowed the CC plugin. There were no files of it existing in template itself, just the link to a location which was took over by hackers. Templates are updated already and plugin's links were replaced. Please simply update template to the latest version.
User avatar
Moderator

GK User
Tue Aug 15, 2017 12:35 pm
Thanks a lot for the explanation, I found out how to and replaced the code for now.
Sincerely, Joanie
User avatar
Fresh Boarder

teitbite
Tue Aug 22, 2017 4:42 pm
Hi

Great to hear it. Closing this thread now.
User avatar
Moderator


cron