This type of infection is much more common with the password being weak or breached (do not use your birthday/name of your dog, Kids name/etc!!!) See more on Password strenghth here. For that reason, you are strongly advised to follow these steps:
What are malicious iframes and what causes them?
Over the years hackers found it hard to trick people into visiting suspicious sites so they're now targeting legit sites and using them to infect unknowing customers. In most cases an FTP account's password is obtained through key logging Malware, then legit website files are modified to distribute the Malware and gather more passwords. If your PC has been infected with one of these Trojans, your bank account, email accounts, and FTP accounts may no longer be secure. Note that Filezilla stores your password in plain text! Use strongly encrypted passwords with programs like (free) Keepass!
What to do if you find malicious iframes on your PC?
- Use the following online vulnerability scanner and ensure your software is up-to-date: Scuneria (this is only indicative and not final!: These online scanners do make tons of mistakes)
- Download antivirus and fully scan your PC for malicious files. Here are some free online scanners:
- Update all passwords that may have been obtained. Do not use old passwords, generate new ones (see above link)
- Upload older versions of the files or contact support for assistance removing the malicious iframes.
- Ensure you use the latest browser version CRITICAL!
- Use Firefox with addon "noscript" (!)
- Download and install some (free) antivirus software, make sure it stays updated CRITICAL!
- Use AVG Scan to test suspicious links you are given in emails or find online.
BACKUP & DOWNLOAD your site and database! Use either your cPanel features or use Akeebabackup or whatever you use:
Now we get often the question "what extension does protect my site" Answer is simple: NONE : You will need to make sure that your host has its security features optimized (mainly Mod_Security/IPTables Protection/Live upload scanning/suPHP or Mod_Ruid and many more). Than you make sure that YOU (!) do not make the basic mistakes: Folder permissions wrong!
Never, ever! set folders to anything else than 755 and do not set your files other than 644 (global config of Joomla will be set auto to '444) Once again...Some extensions migt help you discover vulnerabilities on your server but two key elements make the day or break the day: You & your PC and Your hosting Company!
You use to visit warez/filesharing/porn-sites? Use an other computer than to access your site and make sure you have top-notch protection! Do not underestimate the fact that behind a simple image of the "sun" a whole piece of code can be hissed! Download any zip etc and scan before opening the file!
Get your: GWS-Desk.com Security Audit for Joomla