My hackers are the smart kind. They upload files to obscure folders then use those as phishing attempts. The last one was for Halifax bank in the UK. Is there any way to see all of the modified files and folders for all of the recursive directories? I'm running cpanel.
What type of hosting account do you have? We may be able to help you better on ways to protected yourself.
You need to talk with your hosting company, the only reason your vb was hacked, is because of what you've done to it
Many hosts will help you secure your sites and prevent you being hacked, so I would talk to your host.
Well, if your in a shared environment, and especially using cPanel, you can't really monitor file/folder activity, unless you had internal access. I recommend you follow-up with your host from tech support. I don't know what languages your website is exercising, but if they have the rights as you are saying, I would consider using .htaccess control, lock your folders with a password, upload an index.html to each folder, and change your password to at least 12 characters at length, followed by a mix of numbers, letters, and symbols, and ascii is possible. Otherwise, give me a PM if you are still having trouble.
There are a few ways to prevent this type of thing. This isn't a "hack", this is a phishing attempt. They are two very, very different things. How to prevent this? #1: Turn off uploads. This will prevent individuals from uploading this kind of thing #2: Disable image uploads. Again, this will prevent individuals from uploading this kind of thing. #3: Store your upload folder OUTSIDE of the public_html root. VB can do this very easily, and it's always advised when you must have write permission #4: Store your uploads in the database, NOT in files.