1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

All My Sites Got Hacked

Discussion in 'Site & Server Administration' started by EGS, Apr 21, 2006.

  1. #1
    ALL my sites got hacked as they were on the same hosting account. The hacker hacked into my cPanel and deleted everything - hundreds of sites and my Digital Point blog is now gone.

    This happened about 4 hours ago and my host is not supporting me through this (HostGator). I don't know how I am going to recover from this.
     
    EGS, Apr 21, 2006 IP
  2. fsmedia

    fsmedia Prominent Member

    Messages:
    5,163
    Likes Received:
    262
    Best Answers:
    0
    Trophy Points:
    390
    #2
    If you have a good host, they should have backups of everything.
     
    fsmedia, Apr 21, 2006 IP
  3. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,740
    Likes Received:
    1,702
    Best Answers:
    78
    Trophy Points:
    510
    #3
    Any loss of data no matter how little is a nightmare. Surely hostgator has backup. Now what they may charge to make available is another matter.
     
    Smyrl, Apr 21, 2006 IP
  4. likeman

    likeman Peon

    Messages:
    12
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    hacking hacking why people are doing this why are they doing this giving problem to other people.
     
    likeman, Apr 21, 2006 IP
  5. ahkip

    ahkip Prominent Member

    Messages:
    9,205
    Likes Received:
    647
    Best Answers:
    0
    Trophy Points:
    310
    #5
    sorry to hear that dude, did they stole your login by keylogger?
    hope your host 've got backup
     
    ahkip, Apr 21, 2006 IP
  6. battra

    battra Peon

    Messages:
    120
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Wow. That sucks. I hope you also have your own backup so at least you can recover some of the data if your host refused or unable to provide their backup.
     
    battra, Apr 21, 2006 IP
  7. EGS

    EGS Notable Member

    Messages:
    6,078
    Likes Received:
    438
    Best Answers:
    0
    Trophy Points:
    290
    #7
    I called them. They say they will restore my websites via a full backup. Someone hacked into my entire account, changed my cPanel password and FTP password, deleted the ENTIRE public_html directory, and deleted all databases.

    Who knows what else they stole too.
     
    EGS, Apr 21, 2006 IP
  8. ly2

    ly2 Notable Member

    Messages:
    4,093
    Likes Received:
    222
    Best Answers:
    0
    Trophy Points:
    205
    #8
    lol *EDIT*
    nevermind
     
    ly2, Apr 21, 2006 IP
  9. EGS

    EGS Notable Member

    Messages:
    6,078
    Likes Received:
    438
    Best Answers:
    0
    Trophy Points:
    290
    #9
    The hacker also uploaded PHP files which called other files and so forth leaving comments saying "fuck you fuck you" and so on.
     
    EGS, Apr 21, 2006 IP
  10. Nintendo

    Nintendo ♬ King of da Wackos ♬

    Messages:
    12,890
    Likes Received:
    1,064
    Best Answers:
    0
    Trophy Points:
    430
    #10
    Did YOU have any back-ups!!!!
     
    Nintendo, Apr 21, 2006 IP
  11. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,740
    Likes Received:
    1,702
    Best Answers:
    78
    Trophy Points:
    510
    #11
    I wonder how they got in. You may not be safe until you figure that out.
     
    Smyrl, Apr 21, 2006 IP
  12. EGS

    EGS Notable Member

    Messages:
    6,078
    Likes Received:
    438
    Best Answers:
    0
    Trophy Points:
    290
    #12
    All my passwords were encrypted and I had no unstable scripts installed. HostGator is trying to charge me $15 to restore my sites WTF!? :mad:
     
    EGS, Apr 21, 2006 IP
  13. The Webmaster

    The Webmaster IdeasOfOne

    Messages:
    9,516
    Likes Received:
    718
    Best Answers:
    0
    Trophy Points:
    360
    #13
    Damn...
    That sucks...
     
    The Webmaster, Apr 21, 2006 IP
  14. williamjack

    williamjack Notable Member

    Messages:
    2,189
    Likes Received:
    324
    Best Answers:
    0
    Trophy Points:
    225
    #14
    Its very bad practice.But usually host do keep back.You should contact them.
     
    williamjack, Apr 21, 2006 IP
  15. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,740
    Likes Received:
    1,702
    Best Answers:
    78
    Trophy Points:
    510
    #15
    It is worth every penny. Glad it was no more than that.
     
    Smyrl, Apr 21, 2006 IP
  16. Mia

    Mia R.I.P. STEVE JOBS

    Messages:
    23,694
    Likes Received:
    1,167
    Best Answers:
    0
    Trophy Points:
    440
    #16
    ah, backup.... Is your host not up to date on the latest security patches, or did they let you use a lame password?
     
    Mia, Apr 21, 2006 IP
  17. Obelia

    Obelia Notable Member

    Messages:
    2,083
    Likes Received:
    171
    Best Answers:
    0
    Trophy Points:
    210
    #17
    That kind of assumes that you were at fault, which is not neccessarily the case. You really do need to get to the bottom of this, though, otherwise you are just as vulnerable as before.

    Probably the easiest way to get hacked is by having an easily cracked password. Beyond that, I suggest you get hold of one of those security manuals, such as "Hacking Exposed". There are so many ways someone with the right knowledge or tools could get in and ruin your sites.
     
    Obelia, Apr 21, 2006 IP
  18. Mia

    Mia R.I.P. STEVE JOBS

    Messages:
    23,694
    Likes Received:
    1,167
    Best Answers:
    0
    Trophy Points:
    440
    #18
    time = money... That is pretty cheap IMO.... We would have charged $50!
     
    Mia, Apr 21, 2006 IP
  19. EGS

    EGS Notable Member

    Messages:
    6,078
    Likes Received:
    438
    Best Answers:
    0
    Trophy Points:
    290
    #19
    As stated before, all my sites were encrypted into letter number letter number with no order or formatting..kind of like this:

    afoiha9s8yuds
    d7ah2b8dma91k
     
    EGS, Apr 21, 2006 IP
  20. Obelia

    Obelia Notable Member

    Messages:
    2,083
    Likes Received:
    171
    Best Answers:
    0
    Trophy Points:
    210
    #20
    Then you had better start looking for other explanations. Maybe your host forgot to patch; maybe your own computer has been compromised. If you're on shared hosting, someone else could have been attacked and that left all the sites vulnerable.

    You say you had no unstable scripts installed, but if you used anything remotely popular then these scripts can go from safe to exploitable in hours. Once a vulnerability is spotted, loads of sites could be easily cracked, and it's usually just a matter for the perp to use a search engine to find these sites. So you will need to double-check all your scripts before you put them back up.

    Good luck.
     
    Obelia, Apr 21, 2006 IP