Hi Guys, We recently fell victim to some malicious code. Somehow some hidden java was added to our script. My questions are. 1. Why would someone do this? 2. Is it a real person or something else? 3. How did they/it access our site? Thanks.
Not sure this is the right forum for this topic but I will share my opinion and we can get moved together. 1. Because they are sick f**** with nothing better to do than destroy something for some spiteful purpose. 2. They are real people but read number 1 for what I think of the "person" quality. 3. The most common ways are via third party counters and advertisers twhere you have place code on your site. The next most common if they placed an Iframe on your pages is an insecure password or a bad host. I can't really anser this one without more information.
1. Why would someone do this? Because they can. 2. Is it a real person or something else? Mostly a real person using something else. 3. How did they/it access our site? Depending on many variables as stated above, it is a myriad of possibilities. Most attacks are done because security holes on either the code or the hosting company. There are many ways to hack a site but hackers are different from crackers. The former group, hackers, do what they do in a light non-malissious way to let the site's owner that they can be attacked seriously if they don't act on time. So these warnings are sort of a "favor" Crackers OTOH, are bad people, and these "dark siders" will even steel every data from you and even money if you are not taking necessary meassures to avoid being hacked. Common sense above all will keep you from being hacked and rely on the community and their experience. By community, I mean the whole WWW.
Ok how we stop this from happening again, our website was built by a website company, and we only have access to the CMS. Thanks
Not exactly sure I see how... the hosting provider can't be responsible for every malicious access to a site, especially if for example they gained access thru some shitty php code installed on the server. For a period of time installing phpNuke (CMS kinda like WP, etc), or phpBB message board software was a surefire way to get hacked, that wouldn't be the hosting provider's fault. Edit: besides he said "website company" doesn't necessarily mean "webhosting".
Majority of the time, hackers will find security holes via SQL injection, alter your Database records to include Javascript includes - which will either try to execute a dialer or inject web links like (for pagerank) or some other way to make money for themselves. I think hackers are past the point of destruction and now thinking in a "Lets not take um down, lets have them make me money or have it hack other websites for me" kind of fashion