Ok.. my site: www.u-no.info I think this is how they did it. They uploaded an .php file from my forum. Then a php called "mshell.php" started to create on each individual folder. ( This gave administrator control, I even checked. ) [ Link: My host can pull the data back up about to 1 week from now, which I was hacked today early morning. [ Restore, but costs me $75 ] Tracking them will be easy, but tracing IP proxys to another will be hard. I am wondering if finding this hacker is possible. I am pretty sure, and others have told me that I can sue this hacker for how much time and how much customers and how much money and how much stress I have taken and also illegal action against me, when I am NOT AT ALL RELATED or at least someone behind is trying to do this for fun or some kind of a reason I do not know. I can get all the IP logs, MYSQL logs, and the date the virus was injected, and such and such. I am just wondering, if anyone can help me find this person, and directly sue them for repayment of what I have wasted ( Lawyers / Specialists / Site / Time / Etc ) and go to court for decision. If it is possible for me to sue them, and that I can win, and I can track this person down, Please please help me.. I will pay whatever I can, because at the end this person will be the payer, and I am very mad and concerned. --- Note: they also hacked my MSN , as well as other accounts. -Chitika Probably ( not checked, I was too stressed) -Hacked my Godaddy Account ( Domain ) -Lunarpages (My Site Server Host / Account, and changed all the information, and currently somehow had cPanel Access TOO) --- Also Note: I have Nod32, and IObit Security MOST up to DATE. I have not downloaded anything suspicious past month, and I take seriously about downloading things. My site host is repeatedly saying it is my computer with virus, but I am pretty sure and confident that my computer had no virus and has no virus right now.
I think they got your password. Only real way to get in those all. Did you use the same one for them all. Anyhow, its not worth it to go after, and most likely no one will care. Load a backup, find how how they got in, fix that problem and move on. Worrying about how to sue them will waste more time.
I got hacked twice. I am not some kind of retard people think when someone gets hacked. These people or person is not a "script kiddie" they / person is a trained, because they / person had hacked other site (or sites.. ) My Host could not help me because this was a high level stake conversation, and they ran out of resource to help me. Also anti-virus scanners that does not detect this virus are something to definitely to think about as well. --- They hacked my MSN, and all. I cannot get my accounts back. Even if I were to get my site restored, doing all possible things that anyone can think of, still will get me paid, and each time me paying 75 dollars for restore is a pain. I had unique password for each and they were infact very long .. [ *********** to ************ ] It was not just numbers either, but with letters and caps. Maybe people at here DO not care, but others care a lot. ( why read then?.. ) A lot of people at least all people at my school is going to be concerned. All members registered at my site will be concerned. I will be concerned. People from another site taking my information as feeding will be concerned. People who use my files and sources will be concerned. People who regularly use a "program" on my site, will be definitely concerned. Last but not least, other person / numerous people who got their sites hacked. [ I know one site that was hacked from half a month ago. I used to go there a while ago but after the hacking, I quit. Also the news was spread all over the web about this "professional" hacker hacking these semi-large community sites ] -- It is just like DP getting hacked, and everyone at DP getting concerned, and some random site's people do not care for DP because they do not know what DigitalPoint is.
If your passwords were unique, then the only thing in common is likely your computer. It certainly sounds like they have access to your computer files. The only other way is if they had access to your email and were getting passwords sent to them at that email. Yes, you could sue them, but it isn't going to be worth it. You are talking about a $5k retainer just to get things rolling, and a court trial is going to cost a lot more. If this person doesn't live in the US, it wouldn't even be worth suing them and trying to collect. Even if you win, it can be next to impossible to collect - especially if they don't have any money.
How, a person can do it. It seems that they can access the files at your computer, or they are having your email ID access.
check these things.. your firefox/ie addons / toolbars do you use wireless hotspots? any unusual process running on your pc / firewall safe list am sure your pc is planted with loggers so tat your passwords are anytime usable to ur hacker no mateer how strong it is.
Called PHP injection. Happens every day. Dump the php code. It's junk anyway. Pure html code SEO's way better and requires no database. Anything with no MySql is a friend of mine! I got hacked 4 times in less than 3 months. Dumped the php code and guess what? No hackers. I can upload my whole site fresh and new if ANY sign of scumbag hack jobs appear. Can't say the same for my forum, but that is another issue. I am dumping ALL php and MySql junk from yourockradio.com very soon.
It's not important how long your password is... if you don't have an anti-virus software, you may have a trojan @ your PC and hackers can monitor what you do and get your serials and password easily.
I had Nod32, but people kept saying I had keylogger, so I scanned. NOTHING FOUND. Then I said no virus on my computer, they still told me it was my computer.. Deleted Nod32, then got Avira.. NOTHING FOUND deleted Avira, then got Norton 2010 NOTHING FOUND Also I do not have anything site related saved or even logged except through my laptop the only laptop this one I am using.
Some keylogger cant be detected by av alone. Use malwarebytes anti malware or any malware /spybot remover so that you will be totally safe. Do you have upload script on your web? If you d then disable that or make sure it doesn't allow .php file to be uploaded.
If I were you 1) format your computer or buy a new PC 2) Maybe get a new host and slowly transfer one site at a time combing through all the files There is NO way you will ever get the hackers. Even if you did, they are probably teenagers in another country. There are tons of hackers competing against each other trying to hack the most sites. Even if you spend $1 million you won't get them.
As BadBoyz, it's PHP injection. The most common way this is used is upload some php script on an image hosting site, and bam, they can get into your server.
^^ if its php injection than how his msn account got hacked? @bnbn1382 i will suggest you to scan your pc with kaspersky internet security suite with latest signature updates. After that scan your pc with malwarebytes anti malware software. Reset passwords of your emails, webhost etc. After securing your pc remove that php file which is basically a shell and than backup your database and clean up everything from your server and than do a fresh installation of your ip board. Also hire someone to verify that your database is clean. Never store passwords on your computer unencrypted! Use lastpass to encrypt passwords in ie and firefox. You can use a onscreen keyboard to type passwords. You can also try installing keyscrambler. I hope it helps!
OK. They did upload virus .php through uploading system on my IPB 3.0.x They did not malware my computer, nor keylog me either. They used something called MSN [Hotmail] reverting, as I have done it again to get it, it is quiet a bit easy target for site owners. Once they know my name and my street address and my IP address (easily taken from some site domain info looker.. I do not have hiding thing because I did not pay extra ) and some of the people I have on MSN or at least some any proof of latest mail receiving (easy, because the hacker can send me pointless e-mails) They can take my hotmail account. I have secured now everything except Hotmail. I did get my account back through reverting just like the hacker did in 1 day. MSN responded really quick. I am waiting for Hotmail to respond back about how I can prevent the hackers from reverting again. I got my site secured now, as I have changed all my e-mails to Hanmail AKA Daum which is korean e-mail provider, which has way more mailing options and is very more advanced than Hotmail. I am only 15 and I dont know much of coding, but these are things I have done after the attack. Before: 1. All scripts Updated 2. .htaccess IP address for admin panels to just myself. 3. Password Very Sensitively Long. 4. No other FTP access except myself. 5. Computer Internet Access from only one computer ( which is mine ) 6. Have Iobit Security ( Deletes tracking cookies etc. ) 7. ESET Nod 32 ( Anti Virus ) 8. Never downloaded or have gone to suspicious site past 1 month. 9. I think I did more, but cannot remember at this time. After 1. Changed all primary site e-mails to other provider from MSN (Hotmail) 2. Removed all suspicious .php and other files from FTP. 3. Changed all my passwords related to .. (you know) 4. Deleted/Removed all useless/unused folders + files 5. Removed all uploads from users at my Forum (IPB) except image files. I think this is fine, but help if I am missing something. My site: www.u-no.info
Are you using PHPBB or VBULLETIN? There are different security plugins for either one, and I have found them to be very useful (just do a simple search on Google) and you'll get a lot of results.
Yes, he is true, they need to get your password, if as you say you had all the latest anti virus Are you running a ded server or shared, that is why i prefer big players of hosting when it comes to ded servers, it is better to leave it to professionals that some kid running servers in his basement and offering it at throwaway prices, of course if one cannot afford a ded server from a better host then i think his/her business is not viable Anywhich way, cheaper options can end you up like this, i know this was quite straightforward, but fact is, this is what i have learned in the last 4 years of my online life, give peanuts you get monkeys to do business with I completely sympathise with your situation, it can happen to anyone, my suggestion is "revenge"
They're most likely behind some proxies, so I'd simply report this to your Hosting services, and make sure their security is better.
The problem is... They'll be back. IF they found your vulnerability they will attack it again and again until you change the whole code and cover up the hole they found. I have no idea what you are using friend, if it is some open source crud they already created a hole for you. Some dumb turd who is on the "team" can create a vulnerability and all his geeked-out bong smoking Chito chucking buds can cum plaaaa-aaay on your website at night. If you assembled some group of random nulled php code you got off of a bit torrent site, then shame on you, but if you assembled random free code you are always going to be fighting these idiots. phpbb seems to have gone the wrong direction with their new forum code. I was was getting spam-slammed so hard I was almost in tears until I found a rude awakening mod that cured the problem. Still... Phpbb is NOT the best of the best anymore. Hopefully their new edition will be better. Wish I could afford what DP uses - VBulletin, but it is like 130 a pop for the license. I had to pass. I still suggest ditching the php code, but you won't. So that is your lot in life... Be hacked and be happy.