Hi friends, My sites got hacked.One of them is www.baanner.com I am reinstalling everything now to run it. I am unable to find how did it happen. The deleted all the files of my sites and left their files. Could anyone please help in this matter? Thanks in advance.
No one can help unless you give more details as to the nature of your site (static or dynamic) in other words did it use a database, was it based on a content management system (if so which one?) etc. If they deleted all your files it could be a FTP hack, meaning they got your ftp credentials somehow and logged in and deleted your files and uploaded theirs. I'm not an expert by any means so I can't help beyond that but if you explain more about your site others here may be able to. Good Luck.
My sites are in Joomla CMS.I too think that they did this via FTP Control Panel password etc. is fine. I just can't understand that how did it happen.
What version of Joomla were you using as of yesterday ? ( 10/3/2009 ) Most ( 80 % to 90 % ) of all computuers online are infected. There is a good chance your own computer sent the login information of your web host to the "culprit". Clean up your own computer first before looking at weaknesses in your web host or in Joomla. Use Spybot Search and Destroy, use Kaspersky, use Avast. Forget Norton or McAfee.
I'll agree with blue.star because i have faced to same problem do not do anything on your computer unless you format your computer. Do not login to your hosting , domain control panel or atleast email on your computer... use another one from your friend for now.
It's appear that you are hosted on hostmonster.com well this happen to me last time. They accidentally terminate your account and then recreate it again and ofc your data will be lost completely well an easy way to find out about this is everything is wipe out including addon domain or subdomain. Your awstat not showing for your current bandwidth usage or previous month bandwidth usage. If you don't have the "symptom" i mention above for you account then what I said above can be ignored.
There is no need to format your hard drive ( computer ). Dont do it just because you are not sure if you have malware or spyware or not. You also did not answer my question about what version of Joomla you are using. If you do not let me help you I can not help you.
The version was 1.5.(i forgot to answer your question earlier.Sorry friend.) I think they did not guessed my passwords etc. because my passwords are right and i changed them.
Are you still having problems ? What is the revision number ( last digit ) of your Joomla version ? It should be 1.5.14 as of today. Did you run any anti-malware or anti-virus software ? A good place to find free help is : LINK
The version you mentioned is right. I am doing everything from the beginning now.I am not facing any problem so far. Thank you very much for your help friend.
No problems. Consider your surfing online to be similar to a walk in New York City or other large city. You have to be careful.
One of my sites got hacked twice within two months. Wasn't really my fault, but I considered that host server compromised (they got in through a backdoor method), and moved to another host, and tightened up my PHP flag settings. If you're using anything PHP-based like Joomla, be careful with those security settings, there're a few lists of recommended ones, google "php security" to read about it.