Malware Hack

My customer’s site got hacked and flagged as a malware site by Google. Its a WordPress installation.

I’ve been waiting for over two days for the Dreamhost “security team” to contact me. My initial support request got a response and they supposedly reset the .htaccess file. But the redirect/malware problem continued.

SO- I got brave and downloaded the new .htaccess file. Of course then I had to find a way to make this file visible in Mac Lion (downloaded the free app DesktopUtility from After I could see the file ( the leading dot obscures it in Lion) I opened it in TextMate, and low and behold, scrolling waaay down revealed the malicious redirects which I deleted. Then, since I ran into permissions trouble FTPing this newly cleaned file, I removed the “dot”, uploaded, then renamed on the server.

Still getting the malware warning from Google in Safari. Have requested a review. FF & Chrome are not giving a warning, but pages not found beyond home page… will try to work on that!

Posting here to share my efforts, glad to hear of any additional advice.
FF & Chrome now showing the malware warning … hmmm.

See also

When a site is hacked there are two important things to consider: 1) Cleaning up the damage and 2) finding and plugging the security hole that allowed the corruption to be introduced.

Yes. Its back up now (yay!!) but now to find how to prevent another occurrence - thanks for the link.