Pop-up virus on mobile site
Questions related to the configuration of Wordpress, themes, and security related questions/issues
Rate this topic:
- GK User
- Mon Jun 27, 2016 9:17 pm
Hi,
A number of users are reporting that when they view our site on a mobile they are presented with a pop-up. It is only on mobile browsers that this hijack is happening.
We have no pop-up ads so it's malware.
We've run virus scans over the whole site and come up with nothing. AVG Threat Labs says we're clean. It's obviously coming from somewhere - but where?
We need to sort this, any help gratefully received.
Thanks
A number of users are reporting that when they view our site on a mobile they are presented with a pop-up. It is only on mobile browsers that this hijack is happening.
We have no pop-up ads so it's malware.
We've run virus scans over the whole site and come up with nothing. AVG Threat Labs says we're clean. It's obviously coming from somewhere - but where?
We need to sort this, any help gratefully received.
Thanks
-
- Junior Boarder
- GK User
- Tue Jun 28, 2016 6:02 am
Forgot to add - website uses News 2 theme.
My webhost confirms that the website is clean.
Welcome any thoughts!
My webhost confirms that the website is clean.
Welcome any thoughts!
-
- Junior Boarder
- Joshua M
- Tue Jun 28, 2016 8:09 am
Hi,
Firstly try to check any online security scanner like: https://sitecheck.sucuri.net//
Then, try to disable all plugins and check again.
It may be also any <iframe> .. or other fragment of code added to your website files, so you should also compare your files with the default News2 theme files and do the same with WordPress files.
Similar issue may be found here: http://forums.androidcentral.com/samsun ... -real.html
Firstly try to check any online security scanner like: https://sitecheck.sucuri.net//
Then, try to disable all plugins and check again.
It may be also any <iframe> .. or other fragment of code added to your website files, so you should also compare your files with the default News2 theme files and do the same with WordPress files.
Similar issue may be found here: http://forums.androidcentral.com/samsun ... -real.html
-
- Moderator
- GK User
- Tue Jun 28, 2016 10:18 am
Hi Joshua,
Thanks for this. I have indeed done as you have suggested and run the site through various scanners. It always comes back as clean.
My next thought is that it is the user's phone that is infected but
- too many people are reporting this
- it's happened to me, even though my phone is not infected
- it's only on my website that's its happening
- we don't have any pop-ups set up on the site
Welcome any more thoughts.
Cheers
Phil
Thanks for this. I have indeed done as you have suggested and run the site through various scanners. It always comes back as clean.
My next thought is that it is the user's phone that is infected but
- too many people are reporting this
- it's happened to me, even though my phone is not infected
- it's only on my website that's its happening
- we don't have any pop-ups set up on the site
Welcome any more thoughts.
Cheers
Phil
-
- Junior Boarder
- Joshua M
- Wed Jun 29, 2016 7:59 am
Did you compare theme and WordPress files?
-
- Moderator
- GK User
- Fri Jul 01, 2016 10:19 am
Hi Joshua,
I reinstalled the template - now on version 1.9 rather than version 1.7. Aside from some changes to the overide.css file it is now the Gavick original .. and the problem is still happening.
I've been able to replicate it when opening a link to the site from Facebook - again on my mobile - but not from manually visiting the website.
So could there be something in the way in which the Facebook link is being called up?
Googling around only seems to bring up results suggesting it's at the users end but I don't think that is the case.
Thanks
Phil
I reinstalled the template - now on version 1.9 rather than version 1.7. Aside from some changes to the overide.css file it is now the Gavick original .. and the problem is still happening.
I've been able to replicate it when opening a link to the site from Facebook - again on my mobile - but not from manually visiting the website.
So could there be something in the way in which the Facebook link is being called up?
Googling around only seems to bring up results suggesting it's at the users end but I don't think that is the case.
Thanks
Phil
-
- Junior Boarder
- GK User
- Fri Jul 01, 2016 3:04 pm
This thread seems to be the most helpful about the subject - looks like it could be an issue from Facebook or Google AdWords.
-
- Junior Boarder
- GK User
- Tue Jul 05, 2016 7:04 pm
Sussed it - it's Google AdSense code linking to a rogue website.
I think it is attempting to link to ilovemobiletrack dot com. Have blocked access to the site from Google AdWords and - touch wood - it's been fine so far.
Hope this helps others of you with the same problem.
I think it is attempting to link to ilovemobiletrack dot com. Have blocked access to the site from Google AdWords and - touch wood - it's been fine so far.
Hope this helps others of you with the same problem.
-
- Junior Boarder
8 posts
• Page 1 of 1