My site (the rossi link) has been hacked, i was just checking the stats and i noticed a page that has been viewed i wasnt aware of, so ive clicked it and it says: Hacked By KatRina Iranian Hackers We are ReZa - sub_z3l2o - Vi5U4L - The.Polaris <REMOVED>@yahoo.com -=-=-=-=| project Is Started |=-=-=-=-=- do you think they have done anythign bad or just a game to see if they can hack it? (It was SMF theyve applied the page to)
Bless 'em. Most probably just a game. Back everything up, find how they got in (change your passwords, etc), etc. just to make sure though.
they viewed loads of pictures but just buttons and things like that, then they put that page up, nothing major really
check your raw logs if anything comes unusual and if you cannot find how they did it give those logs to some security advisor ! You did change passwords now ?
if hackers left a page on your site then you have the IP they used during that operation - even if it is a proxy - in the access_log files you can search for same IP to see if in the same sessino they surfed or modified any other files also look at the browser and OS signature they leave behind to trace other visitors with exactly same "fingerprint" in your log search entry door into your site and CLOSE it OR use the door for "noney-combing" to observe visitors in real time and get more data from your hackers until you know what they do before closing the door either way you need to know / find out exactly how they entered the site to secure the holes they found - in an earlier case I had on my site early this year - my "guests" used a well known backdoor of a software package i used - hackers know such backdoors - ignorant site owners like me always thought "never me ..." learn about any SW you have - search via yahoo and/or google all public security alert regarding your software a search with the below keywords might help you as a forum is an ideal SW to enter a site "SMF 1.0.6." security alert study all posts relevant to your own forum SW - some of the sites posting security relevant issues re your "SMF 1.0.6." might need to be searched in their archives to find your "SMF 1.0.6." security alert help do simily with any other SW you run - basically anything that allows posting or uploading or registration by others
The problem is that generally hackers aren't so nice as yours. I see attempts in my logs almost every day. But I am always afraid of those attempts which I don't see...
there seem to be hundreds of sites going down at the minute, usually increases over the summer during the school holidays.
i found their site but is in their language. http://blacknews.ws/ there are all the site who was hacked. just clik to see.
Great. They did you a favor write to them and say thank you in English and then offer a few tech guys a free beer to come figure out what they did so it doesn't happen twice