My site was hacked

Discussion in 'Security' started by shadow_boi, May 2, 2007.

0
  1. #1
    My site was hacked, both in cpanel and ftp.

    The hacker hacked into my cpanel, and made a database for his site.
    And them uploaded his forum onto my server via ftp. And changed my index page.
    It was a Vietnamese's forum.

    Then I checked the last login IP to my cpanel. it shown 203.113.167.162
    then i checked the location of the IP in google, it shown Address:

    47 Huynh Thuc Khang, Dong Da District, Hanoi City

    Description: VIETEL-AS-AP

    Country: VN - Vietnam

    nternet service/exchange provider , No 1, Giang Van Minh Street, Ba Dinh District, Hanoi City


    Can I do any any legal action about it?

    And how can i find out how he hacked my site?

    Thanks
     
    shadow_boi, May 2, 2007 IP
  2. mjewel

    mjewel Prominent Member

    Messages:
    6,693
    Likes Received:
    514
    Best Answers:
    0
    Trophy Points:
    360
    #2
    While you may have the ISP provider, it doesn't tell who had the IP at the time they entered your site. In the US, you need a court order force the ISP to turn over that information. I don't know the process for Vietnam, but I'll bet it would be very expensive and long process. It's probably not worth the time or money. Just change your passwords, notify your host, and make sure your permissions are set correctly.
     
    mjewel, May 2, 2007 IP
  3. shadow_boi

    shadow_boi Peon

    Messages:
    374
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #3
    ok, thanks for your reply
     
    shadow_boi, May 2, 2007 IP
  4. Jackuul

    Jackuul Well-Known Member

    Messages:
    2,972
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    180
    #4
    Contact your host an inform them and get them to help you. If your host was hacked essentially, they should be in a furor. If the dude guessed your password though... then don't expect them to do much except reset your account or if they have a backup, get your site back up to before the hack point.
     
    Jackuul, May 2, 2007 IP
  5. Zinho

    Zinho Peon

    Messages:
    284
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #5
    You can also find the abuse contact of the Vietnamese provider here and report date-time + ip + action taken. Vietnam is one of the hackers paradise, I am not even sure they have any laws against it (and I am not sure they apply against american targets) but you can hope into the common sense of the attacker's ISP.
     
    Zinho, May 4, 2007 IP
  6. funtoosh

    funtoosh Active Member

    Messages:
    415
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    60
    #6
    Just delete all data, reset password, if possible get the ip range of that particular isp banned on ur host and just move on.

    Greets
     
    funtoosh, May 4, 2007 IP
  7. Juan Pablo Olivera

    Juan Pablo Olivera Peon

    Messages:
    53
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #7
    If you have SSH access look for hidden files inside your folders: ls -lha
    Also check if they injected your html/php files with iframes/includes or something like that.
    Use strong passwords! ;)
     
    Juan Pablo Olivera, May 11, 2007 IP
  8. randomIntellections

    randomIntellections Well-Known Member

    Messages:
    985
    Likes Received:
    13
    Best Answers:
    0
    Trophy Points:
    180
    #8
    also lookup your pc for keyloggers , unless your webhost has kept your server very insecure they cant gain access without your password .
     
    randomIntellections, May 13, 2007 IP
  9. nukepuppy

    nukepuppy Peon

    Messages:
    93
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    0
    #9
    if you can edit your firewalls

    theres lists out there to block china/korea/vietnam completely
    might wanna give that a try to help while you figure out what the problem is
     
    nukepuppy, May 20, 2007 IP