I am so livid right now. Somebody hacked my site and used it to send out Nigerian bank scams. I don't want to be associated with this. How on earth are they doing it and how can I make sure I am clean? You can read the full e-mail I got from hostgator here http://www.kylehealey.com/my-site-shut-down-for-nigerian-bank-scams/ Any advice appreciated.
If you are using a shared hosting, ask your provider to delete and recreate the account for you. If you have your own server do an OS reload and ask a security expert to patch the security patches for you.
Those people really p*** me off. Why cant people with that kind of knowledge and ability put their efforts into legitimate efforts.
The most internet frauds are coming from Nigeria See this post where the most fraud payments are coming from?
Did you informed hostgator about the hack when you first noticed? I hope you should move to dedicated server if you get it back as suggested by wisdomtool.
From personal experience i know that using a low resource site on a dedicated server all by its lonesom can seem pointless, Well yes if you get 1 visitor a day the chances of your site being hacked are extremely slim, I recently purchased a small electronics company (fully online import/export based) And within 2 weeks of transfering it to my own servers it was hacked and everything was lost, unfortionatly i had just re-designed it and scrubed the old database, replaced everything with new systems and spent about 3 weeks sold coding to put it back into the new database, Unfortionatly someone hacked this site and took down the whole thing, it went from a self-running business to a hated unreliable and unsecure business, Lots of people saw it offline and therefore felt unsafe to use there credit cards on the sites etc. Most customers dont understand security can be fixed/bettered. So i ended up losing my company to hackers, In the end they managed to get hold of the domain & server details and its recently expired, Due to other jobs i never bothered fighting them on that occasion as its not like i was providing a monthly service or anything all customers i DID have were still satisfied with there goods etc. None the less as small as my site was it needed to be a dedicated server on its own fully maintained and regularly checked for security issues, and i wouldnt have lost my $7500 investment so easily.
Hostgator informed me they hacked my email only (squirrel mail) and not the server itself. Not sure though... Thanks for the replies.
they hacked the built in email on hostgator? did they have your password? otherwise i'm very worried about hostgator shared hosting.
I had something similar happen to me a few years ago.. Someone exploited a hole in my sites post-nuke CMS and used my servers SMTP port to send out millions of spam emails. The server close my account straight away and banned me from using post-nuke. It took them over a month to sort everything out and send me a backup of my files. The good thing is, they only used the server for the spam emails, they didnt touch any of my files. Regardless though I had to completely rebuild using a new CMS which was a pain in the ass! I now use Joomla CMS which is alot more secure.