Joomla Bluestork Built in Virus

  1. Home
  2. /
  3. virus
  4. /
  5. Web Design
  6. /
  7. webdesign
  8. /
  9. website
  10. /
  11. Joomla Bluestork Built in Virus

Joomla Bluestork Built in Virus

Posted in : virus, Web Design, webdesign, website on by : TruXter

Found in the error.php file

You can either replace the error page with another, or delete all on the text within the php file with text from a safe error.php file

What happened you say?
My website got shut down by my webhost. They told me there was a virus on on of my websites and told me to upload a safe copy of the website..
Well I don’t have a copy of my website. They have a copy of my website.
but. I couldn’t do anything. SO I downloaded the whole website via FTP. and decided to locate the joomla files the webhost said may be compromised.
To be certain, I downloaded a fresh copy of Joomla, and a fresh copy of blue stork and checked for a virus.
Yep. Sure enough.
The Error page has a virus in it.
I started with a simple scan with EMsisoft Emergency kit
Then moved to virscan.org single virus scanner that uses multiple scanners, to scan one device and shows you what they all find. They don’t all typically agree with each other, so it’s like getting a 2nd 3rd,4th etc opinion all at one time.

Here is the resulting page

I then ran to virustotal website and performed a very similar scan. and got somewhat similar results.
The results
Admin theme Bluestork
The scary part, is Bluestork has been the default admin theme for Joomla for quite a long time.

It seems there is either a new virus definition going around that is much better defines, or is flawed, or bluestork people really have something to fix.

Either way, it might be in the best interest for Joomla to strip the bluestork theme out of the default themse.

I myself have stripped the error page to no text with in it at all.