Hi,
We've had a virus implanted on our ASP.NET site which I can only guess has been placed there by somebody/something using FCKEditor as the transport mechanism. My reasoning is that a new ASPX file was created in the following location "/UserFiles/Images/s/" and the only thing on the website that uses that directory is FCKEditor.
I've only recently started working with this existing website, and have recently upgraded FCKEditor to the latest from a version one dated back in 2005 (I don't have a version number). I'm hoping that now I've upgraded it can't happen any more [fingers crossed].
The virus is a trojan called "Troj/Akspy-A"... and I wondered if anybody else had any trouble with it?
Many thanks,
Tom
We've had a virus implanted on our ASP.NET site which I can only guess has been placed there by somebody/something using FCKEditor as the transport mechanism. My reasoning is that a new ASPX file was created in the following location "/UserFiles/Images/s/" and the only thing on the website that uses that directory is FCKEditor.
I've only recently started working with this existing website, and have recently upgraded FCKEditor to the latest from a version one dated back in 2005 (I don't have a version number). I'm hoping that now I've upgraded it can't happen any more [fingers crossed].
The virus is a trojan called "Troj/Akspy-A"... and I wondered if anybody else had any trouble with it?
Many thanks,
Tom
Re: FCK used by virus
We too have recently started to have virus/spyware problems on our ASP.NET 2.0 site. We have found aspx pages at the following locations:
‘\userfiles\Images\e\main.aspx' and '\fckeditor\editor\css\Dyelle.aspx'. Both these files were caught by the anti-virus software that described them as belonging to virus/spyware 'Troj/Akspy-A'.
The site uses an older version of the fckeditor, I think it's 2.4.1. Does anyone know if upgrading will help resolve these issues or had similar problems and found a solution?
Thanks
Simon
Re: FCK used by virus