I would like to tell something i know about the virus.
It infects websites thru FTP and not by exploiting scripts.
When a user login to his FTP in a infected system it logs in username and pass. something like keylogger. Then in a 24hrs time an iframe tag with the malicious code will be placed in as many files as possible.

When a user opens the infected site it will redirect to somesite which will then try to download PDF. now the virus has been DOWNLOADED to your temp. At this point your virus scanner is not detecting the virus/trojan it is impossible to remove it except formatting the HD.

After a detailed search the virus origin seems to be romania.

Even it infected wordpress. search for xtrarobotz.com

Thank you for the advice, and for covering the Pligg-gate!

Pierre

Good to see you gain friend.

Andy is a good friend of mine and avid designer. I highly recommend his blog.

I wish him and everyone using pligg the best of luck

@pierre they have a few options available.

1. Social Web CMS – http://socialwebcms.com Founded by Pligg’s original developer and a system being used by the popular Tip’d website founded by some of the of the top users on Digg.com. Here is an article describing their startup process How to Build and Launch a Social News Site in 21 Days. Tip’d have also never reported having any problems or being hacked whilst using SWCMS which is always a great sign as it’s becoming a popular website.

2. Drigg for Drupal – http://drupal.org/project/drigg this particular project is currently in the process of looking for a new maintainer, but the upside is the current version is very stable and running many websites without any errors, hackings being reported. Also by using drupal you can seriously expand the website by any of drupals available modules.

3. Custom Solution – Getting a custom solution coded may be the sites best idea. Designfloat claim to rent a NITRO server from mediatemple.net which cost’s a whopping $750 per month, it might be better to rent a dedicated dual core server of $130 to £200 per month which would run 2 or 3 designfloat websites sites without any problem.

This would leave them around $550 per month in server costs which they could then use to fund a custom solution. Although not a free options this would be my approach to the problems they have suffered if the cashflow was available.

The current issue with Design Float isn’t necessarily the CMS, it’s also the lack of the site being maintained properly.

You can’t just through up a site and walk away from it.

@Pierre, they could try Drupal, but I haven’t tried Drupal myself to really give too much of an opinion on it.

Wait until Google red flags the site for containing malicious code.