Potential Malware

Go Daddy, who host my websites including Journal of Observational Pain Medicine
(http://www.joopm.com) recently sent me a message, as follows:
’ our scans also flagged other content that could be malicious, but due to the
nature and usage of these files, we did not remove them as this should be reviewed
by a website administrator first. We recommend you log in to your hosting account
to review the following content and remove if necessary:




Please could you help me - I am unable to tell - I need to know if you can
identify this content as part of the PKP software you provide - or in your opinion
is it malware? Do you have an update for PKP software on our site - how can we get
the latest versions of the software?

Thank you for your assistance

Hi @kjdcomms,

None of those are parts of OJS and all are potentially malware. The filenames look to me like they’re intended to look at a glance like they’re parts of OJS (i.e. they mimic the names of parts of OJS). I suspect they were most likely created by an automated attack tool and probably contain back-doors that can be used to access your system.

The means of attack could be any number of things – overly lax file permissions, or an insecure version of some server software, etc.

To get the latest versions of our software, go to the Downloads page; there are directions inside the download package on how to upgrade in docs/UPGRADE.

Alec Smecher
Public Knowledge Project Team

Thank you

very helpful we will remove the files

If we upgrade does will we lose our existing site or will it just upgrade the files in the background




Hi @kjdcomms,

Upgrading will migrate your existing content. I would suggest reviewing your site thoroughly to ensure you’ve removed any potential malware; personally, I’d use something like the standard diff tool to locate unexpectedly modified files etc.

Alec Smecher
Public Knowledge Project Team