Website Hacked

GuerrillaIM · 08-06-2009, 06:05 AM

Hey Guys,

I just had my thread deleted, I think because I named the incompetent host so I am re-posting without naming them.

Somehow a hacker got my ftp details and uploaded a trojan virus to all my index pages (I checked in ftp logs). I have changed my ftp account details and control panel password.

But here is the weird thing... I can't delete the files that have the trojan virus in! I get a "access denied error". I am using the same ftp account that the hacker used to upload the virus, they must have done a trick to stop me deleting it.

The host doesn't want to know about it and won't help me so I am on my own. It's a shared package so I dont have access to the server so I can't even go in as admin to delete.

Has anyone had this problem before? How did you fix it?

Thanks

GuerrillaIM · 08-06-2009, 06:30 AM

As a fix I am setting up all domains on my dedicated server and forwarding the dns. Long ass walk around but atleast I will be able to get it resolved and I can cancel the shared hosting package.

ecoverdesign · 08-06-2009, 06:37 AM

Hello,

a few of my sites got hacked to somtime ago. You can read more about this attack at:
Nine Ball attack strikes 40,000 Web sites - Network World

As far as I know you can not delete the infected files because the owner ID changed. Usually you just need to setup a main FTP account in your webhost control panel (or use the login info you use to access cPanel when you login via FTP) and then you will be able to delete the files.

Thomas

08-06-2009, 06:05 AM	#1
GuerrillaIM One Man Army War Room Member Join Date: Jul 2008 Location: London, UK Posts: 1,889 Thanks: 93 Thanked 308 Times in 181 Posts	Website Hacked - Can't delete virus Hey Guys, I just had my thread deleted, I think because I named the incompetent host so I am re-posting without naming them. Somehow a hacker got my ftp details and uploaded a trojan virus to all my index pages (I checked in ftp logs). I have changed my ftp account details and control panel password. But here is the weird thing... I can't delete the files that have the trojan virus in! I get a "access denied error". I am using the same ftp account that the hacker used to upload the virus, they must have done a trick to stop me deleting it. The host doesn't want to know about it and won't help me so I am on my own. It's a shared package so I dont have access to the server so I can't even go in as admin to delete. Has anyone had this problem before? How did you fix it? Thanks
	STOP THE UK GOVERNMENT SABOTAGING THE IM INDUSTRY: Sign The E-Cookie Petition Now!

08-06-2009, 06:30 AM	#2
GuerrillaIM One Man Army War Room Member Join Date: Jul 2008 Location: London, UK Posts: 1,889 Thanks: 93 Thanked 308 Times in 181 Posts	Re: Website Hacked - Can't delete virus As a fix I am setting up all domains on my dedicated server and forwarding the dns. Long ass walk around but atleast I will be able to get it resolved and I can cancel the shared hosting package.
	STOP THE UK GOVERNMENT SABOTAGING THE IM INDUSTRY: Sign The E-Cookie Petition Now!

08-06-2009, 06:37 AM	#3
ecoverdesign Pixelpusher War Room Member Join Date: Jun 2003 Posts: 313 Thanks: 4 Thanked 36 Times in 25 Posts Contact Info	Re: Website Hacked - Can't delete virus Hello, a few of my sites got hacked to somtime ago. You can read more about this attack at: Nine Ball attack strikes 40,000 Web sites - Network World As far as I know you can not delete the infected files because the owner ID changed. Usually you just need to setup a main FTP account in your webhost control panel (or use the login info you use to access cPanel when you login via FTP) and then you will be able to delete the files. Thomas
	Online eCover Generator - Easily Design All Your Marketing Graphics Right In Your Browser http://www.ecover-go.com