14 {{ upvoteCount | shortNum }}
14 {{ upvoteCount | shortNum }}

My Site was broken into

by junkdna
12 replies
I have an account with Hostgator and somebody broke into my account. He than used email addresses to send tons of spam. Hostgator than blocked all my emails and I had to call them to see what is going on. HG told me that I have a key-sniffer toryan on my PC. But, when I checked my PC with ESET NOD64 it had found nothing. I bet, there was no troyan on my PC, just somebody broke into their security.

Now, something similar happened on a site of my client, although he is hosted on a different company. Somebody replaced all the pages in his blog to parking pages with ads. They somehow changed FTP password.

Is there some sort of gang going around cracking hosting providers?
#broken #site
  • Profile picture of the author speedylikesKJ
    Security is something we all should be concerned about m rite now my own blogs get atleast 100/day attacks from diffrent hackers .. best bet is to create string passwords and keep changing them regularly
    Signature

    {{ DiscussionBoard.errors[8786572].message }}
  • Profile picture of the author Greedy
    I'm not sure how HostGator would know he got your password from a "key-sniffer trojan" on your computer?

    It would be pretty hard to tell how some got your password. Could of been 1 on 100 things.

    They might of just said that to divert the blame? IDK
    Signature
    {{ DiscussionBoard.errors[8786650].message }}
    • Profile picture of the author junkdna
      Originally Posted by Greedy View Post

      ... They might of just said that to divert the blame? IDK
      That's what I think as well.

      I was just curious to hear if anybody else had something similar.
      Signature

      Guys With Brains Work for Guys With Balls. Guys With Balls Work for Luck.

      {{ DiscussionBoard.errors[8786820].message }}
    • Profile picture of the author kpmedia
      Originally Posted by Greedy View Post

      I'm not sure how HostGator would know
      They should know. Any decent admin should know.

      The problem is that Hostgator first-line "support" techs are nothing more than glorified secretaries reading scripts. And the second-line techs are really lazy (and/or overworked) when it comes to troubleshooting. They'd rather just suspend users, not help them.

      For the zillionth time, this is EIG is. Find a better host.
      Signature
      FAQ: Need a Site5/Arvixe/Hostgator alternative? And who is EIG?
      Reviews:       Need a good VPS, dedicated server, or unlimited host? (This is NOT a fake "top 10" list!)
      {{ DiscussionBoard.errors[8787233].message }}
  • Profile picture of the author Kingfish85
    Originally Posted by junkdna View Post

    I have an account with Hostgator and somebody broke into my account. He than used email addresses to send tons of spam. Hostgator than blocked all my emails and I had to call them to see what is going on. HG told me that I have a key-sniffer toryan on my PC. But, when I checked my PC with ESET NOD64 it had found nothing. I bet, there was no troyan on my PC, just somebody broke into their security.

    Now, something similar happened on a site of my client, although he is hosted on a different company. Somebody replaced all the pages in his blog to parking pages with ads. They somehow changed FTP password.

    Is there some sort of gang going around cracking hosting providers?
    They should be able to see where the emails are coming from by monitoring the mail queue & logs. It's also possible that they simply don't want to do that since it takes time.

    My bet is that your website itself has been exploited and a script is being used to send SPAM from.
    Signature

    |~| VeeroTech Hosting - sales @ veerotech.net
    |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
    |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
    |~| Visit us @veerotech Facebook - Twitter - LinkedIn

    {{ DiscussionBoard.errors[8786694].message }}
    • Profile picture of the author Riggs
      Originally Posted by Kingfish85 View Post

      My bet is that your website itself has been exploited and a script is being used to send SPAM from.
      Probably this.

      Comparing the coding used in your own website to that of your client's website might assist you in identifying any potential areas of vulnerability.
      Signature

      Website: https://jacobriggs.io

      {{ DiscussionBoard.errors[8786706].message }}
  • Profile picture of the author PPC-Coach
    That is funny that hostgator claims YOU have a keyword sniffer.

    Use random passwords on every site you use. Use roboform to save them.

    Signature
    {{ DiscussionBoard.errors[8786846].message }}
  • Profile picture of the author TheUser
    I had a huge problem with this about a year ago, as some hackers (I think from the Ukraine) hijacked my site and uploaded porn and viruses on it. I would clean everything off and they would just keep coming back. Ruined my business at the time and forced me to completely change my plans. After fooling around with a few wordpress plugins designed to keep hackers out I finally figured out they had access to my FTP server somehow.

    Change your hosting passwords frequently. And clean your computer of viruses regularly as they can uploaded keyloggers and other Trojan horse software programs and wreak havoc.
    {{ DiscussionBoard.errors[8787149].message }}
  • Profile picture of the author Greedy
    They should know. Any decent admin should know.
    I meant how would HostGator know he had keyword sniffer on his computer?

    The password could of been stolen a lot of different ways, maybe the Adobe hacks ect.

    I just think that is a strange claim.
    Signature
    {{ DiscussionBoard.errors[8789005].message }}
  • Profile picture of the author mediamarket
    hostgator is known for diverting the blame on the customers. I would suggest leaving a bad review all over the net and charging back or getting a refund from them. they are crap hosting now.
    {{ DiscussionBoard.errors[8789136].message }}
  • Profile picture of the author mediamarket
    I had a MySQL error took me weeks and issue was never solved. they are crap.
    {{ DiscussionBoard.errors[8789140].message }}
  • Profile picture of the author s1d
    As someone who has a day time job in the computer security industry and who reads email logs and email headers all day long, I will say this:

    you should be able to find out the origin of the email from hostgators logs. if anything connected to their server and was sent out via their server, they have a log of it. they're suppose to keep a log for a certain amount of time, then they most likely dump the logs. most places keep logs for about a weeks time.

    hostgator should have no way of knowing if you have a keylogger or trojan on your computer. they're just giving you an easy answer so they don't look like an unsecure webhost. however, it's still a plausible cause for this to happen, so they fed it to you. good thing you ran a scan.

    if only your website/domain was sending out the spam, im guessing you're using an exploitable script or vulnerable copy of wordpress or something like that. May want to make sure you're using the most up to date copy of all scripts on this domain.
    {{ DiscussionBoard.errors[8789313].message }}

Trending Topics