Dear visitor, on 28 Oct 2011 I have received an email from Google saying that some files on my web site contain malicious code! After checking my files, I realized that my site was hacked on 23 September 2011 between 14:09 and 14:21 CEST. In fact, almost all files whose file names start with "index" and end with ".html" were compromised in the way that some cryptic looking Java Script code was inserted. I am sorry for this, probably it was the result of a too weak password for my FTP access. Unfortunately I do not have the slightest idea in which way this code could have possibly harmed your system if you have visited my website between 23 Sept and 28 Oct 2011. According to the log files of my 1und1 FTP account, the attacks took place from the following IP addresses and at the following times: 188.192.193.27 from [23/Sep/2011:14:09:44 +0200] till [23/Sep/2011:14:17:17 +0200] and 77.22.148.15 from [23/Sep/2011:14:20:32 +0200] till [23/Sep/2011:14:21:49 +0200] Both IP addresses are registered with "Kabel Deutschland Vertrieb und Service GmbH". Since I am not a customer of the internet provider "Kabel Deutschland", the possibility that the attack originated from my own PC can be excluded. I have now reverted my files back to the original clean versions and have changed my FTP password to a much stronger one. Now I hope that this will not happen again! Kind regards, Michael Jeschke PS: Here is the source code of the original (clean) file "index.html": ==================================================================================================== ==================================================================================================== Michael Jeschke
 

Homepage von
Michael Jeschke

Bitte warten, Seite wird initialisiert...

 

Ihr Browser unterstützt kein JavaScript!

Möglicherweise ist JavaScript in Ihren Browser-Einstellungen deaktiviert.
Aktivieren Sie es unter “Einstellungen” oder “Preferences”, und drücken Sie dann die Reload-Taste Ihres Browsers!

 

Wenn Sie ohne JavaScript weitermachen wollen (oder müssen),

dann klicken Sie hier, um auf die Homepage zu kommen.

==================================================================================================== ==================================================================================================== And here is the source code of the compromised file "index.html": ==================================================================================================== ==================================================================================================== Michael Jeschke
 

Homepage von
Michael Jeschke

Bitte warten, Seite wird initialisiert...

 

Ihr Browser unterstützt kein JavaScript!

Möglicherweise ist JavaScript in Ihren Browser-Einstellungen deaktiviert.
Aktivieren Sie es unter “Einstellungen” oder “Preferences”, und drücken Sie dann die Reload-Taste Ihres Browsers!

 

Wenn Sie ohne JavaScript weitermachen wollen (oder müssen),

dann klicken Sie hier, um auf die Homepage zu kommen.

==================================================================================================== ====================================================================================================