11 {{ upvoteCount | shortNum }}
11 {{ upvoteCount | shortNum }}

I've been Hacked! Found URLs in the code.

by lcombs
9 replies
Several of my sites have been hacked.

They are all sub-domains that contain mostly free stuff for my subscribers.
As a result my subscribers don't get the products.

Everything in the directories has been wiped out and the main page has been replaced with a scrolling video saying the site has been hacked by "The General".

I downloaded the file and opened it in notepad.

At the top of the code I found these 2 URLs:

http://plustravian.com/vb/

Ripway.com - fast, free file hosting and website hosting

These sites, I assume, are somehow connected to the hacker.

Travian is an online game and h1 ripway is a free hosting site.

Any thoughts, comments, or suggestions would be welcomed.
#code #found #hacked #urls
  • Profile picture of the author Killer Joe
    Sorry to hear about that.

    Were these WordPress or html sites?

    KJ
    Signature
    {{ DiscussionBoard.errors[1808166].message }}
  • Profile picture of the author jennypitts
    Be aware of these scumbags! A couple of weeks ago it happened to a friend of mine and it was a nightmare. These criminals started to upload Radical Terrorist messages and hate messages against the US. I read that they also attacked bigger sites and networks like Facebook too. I suggest that you contact your host so they can recover and set your site to the date before you were hacked. That will fix the problem. Also, change your .htaccess and passwords to restrict them from hacking again. You should also do a full scan on you computer in case they also hacked it and are accessing your sites and information from there.
    Signature
    Traffic Exchange - Solo Ads - Contact Solo Ads
    Social Networking For Internet Marketers to Increase Traffic to Referral Program or Site.
    {{ DiscussionBoard.errors[1808197].message }}
  • Profile picture of the author jasonboom
    I would also remove the links to their sites from this post. No reason to give them link-love.
    {{ DiscussionBoard.errors[1808249].message }}
  • Profile picture of the author TheRichJerksNet
    Always make backups of your stuff and keep at least 2 months worth of backups at all times. Keep them on your hard drive and do not depend upon the host to do your backups for you.

    You should be able to contact your host and get everything restored (depending upon the date of their backup). This does not fix the problem of hacking though, you should fix the problem of hacking before going live again.

    If this was wordpress then you need to secure it and do not depend upon any plugins or wp itself to secure it for you. You should be careful with what themes and plugins you use for your blog, only use those from "trusted" sources.

    You may want to scan your computer for keyloggers as that could be where the hacking come from...

    James
    {{ DiscussionBoard.errors[1808252].message }}
  • Profile picture of the author lcombs
    They were HTML sites.

    They were all sub-domains linked to from my auto responder.
    No real damage was done other than some newer subscribers didn't their stuff.

    Definitely have everything backed-up.
    Took about 2 hours to put everything back the way it was.

    Funny thing...
    There were Arabic characters on the hackers page.
    I hit the "translate" button and the messages were pretty hateful.

    I have a download protection script but the instructional videos are so poor I can't figure it out.

    If anyone wants to look at the code in a text file I'll zip it and provide a download link.
    Signature
    https://www.facebook.com/pages/Fresh...55326481208883
    {{ DiscussionBoard.errors[1808560].message }}
  • Profile picture of the author lcombs
    Don't know. Often wondered that myself.

    At the end of the little video he said "Game Over".

    Then "This is not a game. This is my job".

    Someone once told me that viruses are created by people who hate Microsoft.
    Someone else told me they were created by the anti-virus companies.

    I personally think it's just twisted people who think it's funny to know that they've screwed somebody.

    The thing is, I'm "small potatos" compared to so many other IMers. Why screw with me.
    And, the sites he hacked were just free stuff I was giving to my subscribers.
    He may or may not have taken anything but, all he really did was screw up my free downloads.

    I've been wanting to change servers but it's such a pain in the ass to move everything. Maybe now would be a good time.
    Signature
    https://www.facebook.com/pages/Fresh...55326481208883
    {{ DiscussionBoard.errors[1808715].message }}
    • Profile picture of the author Janet Sawyer
      Originally Posted by lcombs View Post


      Someone once told me that viruses are created by people who hate!.
      Someone else told me they were created by the anti-virus companies.
      Well, the main point is, that someone has gotten access to your sites.
      They know your user/admin name, and they know your password.
      They may not be logging in as a human, but as a robot.

      Check YOUR PC or any other computer in the house that connects to the interenet.
      Download and Run ccleaner on each one of them
      Download and Run hijack this on each one of them.

      If you use smart FTP - stop using it on any of them.
      There is a problem with this program as it stores usernames and passwords in plain text files.
      If someone has hacked into any one of your pc's, well they have access to this file and - your sites will get hacked if they can't hack your bank account or credit card details.

      Change all the password to any hosting accounts that you have.
      Not Tomorrow, NOW!
      Signature
      {{ DiscussionBoard.errors[1808770].message }}
      • Profile picture of the author lcombs
        Originally Posted by Janet Sawyer View Post

        Well, the main point is, that someone has gotten access to your sites.
        They know your user/admin name, and they know your password.
        They may not be logging in as a human, but as a robot.

        Check YOUR PC or any other computer in the house that connects to the interenet.
        Download and Run ccleaner on each one of them
        Download and Run hijack this on each one of them.

        If you use smart FTP - stop using it on any of them.
        There is a problem with this program as it stores usernames and passwords in plain text files.
        If someone has hacked into any one of your pc's, well they have access to this file and - your sites will get hacked if they can't hack your bank account or credit card details.

        Change all the password to any hosting accounts that you have.
        Not Tomorrow, NOW!
        I immediately changed my password.
        I use 1and1 web hosting.

        I will run ccleaner and hijack this.

        I use Filezilla.

        Thank all of you for your concern and help.

        That's what I love about this forum.
        I'm sure there are a few "bad apples" but for the most part, it's a brother/sisterhood.
        Signature
        https://www.facebook.com/pages/Fresh...55326481208883
        {{ DiscussionBoard.errors[1808878].message }}
  • Profile picture of the author lcombs
    Download Protection Script.

    I'm not supposed to give this away but, not only might it save some of you from being hacked, but, if somebody can decipher his instructions and tell me how to use it, that would be great.

    Since I'm not supposed to give it away, I'll take it down in an hour or so.

    www.combsinfo.com/dps.zip
    Signature
    https://www.facebook.com/pages/Fresh...55326481208883
    {{ DiscussionBoard.errors[1808852].message }}

Trending Topics