At first glance, I thought about how this guy should get everything he deserves... but it seems to be a great (or terribly bad) way to knock someone's AdSense account off. I hope this isn't a recurring trend, but this whole issue is a symptom and not the problem itself. Your server or script on the site has a massive security hole.
Only with access to the HTML could they have changed it. Remember boys and girls : strong passwords, change them often. Sorry about your luck.
He mentioned that he hosted file uploads, anyone could've uploaded a script, or even exploited a bad form as an injection exploit to run an offsite script. There's nothing we can be certain of without facts. This should definitely be reported to the police. Things he should do: - Check the logs for strangely loaded messages like /index.php?content=http://freehosting.ru/offsitescript.txt/ - Check the upload directory for scripts. Then check the logs, find the IP of the person who perpetrated it, then notify the authorities. Chances are it'll be someone from some strange random country, and you won't be able to do anything about it.
Well, you could report this to Google, but I do not think that they will react. And the fact is if they ban that account it will not be right, because I could add right now one of your AdSense account numbers on my site and say someone hacked my site and should be banned. It is your fault that you let someone have access to the code of your site. If you have a security problem try to find it as soon as possible and fix it.
Definitely report this to the police once you've found their IP. I absolutely loathe injection exploiters. I'm crossing my fingers and hoping they originate from the US
I don't think that i will have luck with the police because i live in Greece. d0tc0m_bg, you're right.
If the exploit was done using an uploaded file, the scripter may have been smart enough to have the file erase itself after the deed was done. But, it underscores the need to have the correct permissions in directories. If the files are kept in a database, this underscores the need to trust no one and check all user submitted data. If the exploit is the result of using old scripts written by other people it underscores the need to keep all patches and upgrades up to date and the fact you cannot trust other people to be good coders. If you wrote the scripts it underscores the need for all programmers to learn as much as they can about security.
Sure 100% note down his pub ID replace it with yours (Or just keep it like that) and email google about it. Also if you by any means find out who this a$$ was then please post his name here.
Is your site html or php based? I heard a lot of php hacks, one of my friends can do everything if he wants..so you can't secure everything 100%.. the only thing you can do, to track, and catch the IP.. well if he is smart enough, he used proxy.. sorry for my skepticism, but there are plenty of things that are harder to achieve.. and did you set readonly at your htaccess ? There many ways to hack somebody, anyway I wish you good luck in this case.. Feel sorry for you
It's feasible he got in directly through your FTP. As I understand it, with regular/standard FTP, passwords are sent to the server in plain text (unencrypted). If the person had the right tools to monitor the traffic between you and your server, he could intercept your password and immediately have access. I don't know what it takes to get access between you and your server, but no doubt hackers do Anyhow, apologies if I'm wrong about this (like I said I don't know, I've only read a bit about it), though it could be worth following up on (i.e. check your FTP logs, and change your FTP passwords). You can use sFTP instead (secure), if your hosting supports it.
I doubt google will do anything. How would you prove that you didn't simply change it yourself to get the other user banned?
If somebody wants to hack you then be sure that he will do..I tried millions of protections for sites, servers, chats everything, but be sure that everything has bugs, anything can be hacked..what you can do is to track, and wait for the dumb hacker, I mean if he don't uses proxy...well that's rare..