8 {{ upvoteCount | shortNum }}
8 {{ upvoteCount | shortNum }}

My Clickbank Page got Hacked...

by st. mozzie
7 replies
Although I am royally pissed about this, I can't help but shake my head in slight amazement.

I have a Clickbank product that does alright, gravity floats between 5-10, so I get alright sales.

Im not sure exactly how, but someone was able to gain access to my server--I have a security background, and I checked all of my logs... there were no records of bruteforce attacks or anything of the sort.

This person placed an image on my site that's stuffing his Clickbank cookie for MY product!! Since he's been getting the commission for every sale Ive made since it's been there, God knows how much money he's made.

I dont even know how long this *******'s been stuffing my site.

I reported this to Clickbank already, and taken note of the cookie ID info, and forwarded that to them as well. I havent heard anything back yet, this was just yesterday that I discovered it.

I have to say though, I havent even thought about this possibility before. Anyway, love this forum, I can't believe I didn't join sooner. I'm glad to share this with you guys... check your Clickbank (or other affiliate) product pages!!
#clickbank #hacked #page
  • Profile picture of the author polimedia
    Banned
    [DELETED]
    {{ DiscussionBoard.errors[303118].message }}
    • Profile picture of the author st. mozzie
      Originally Posted by polimedia View Post

      Is the image actually on your site ? Or just a call to it inserted in your page ?

      If the image actually is on your site, why the heck is your php parsing jpg or whatever the heck ?!
      No the image was hosted elsewhere. I forwarded that info to Clickbank also, but it was a free host, so I doubt it will result in anything.
      {{ DiscussionBoard.errors[303147].message }}
  • Profile picture of the author Scott Million
    Wow that would have been detrimental if you had an army of affiliates. Someone spending a few hundred to a few thousand a day promoting your product via PPC would WALK...
    {{ DiscussionBoard.errors[303153].message }}
  • Profile picture of the author Mohamed_Mnafeg
    PM your url I know how to solve this problem
    {{ DiscussionBoard.errors[303160].message }}
    • Profile picture of the author Sean Hoffman
      I hope they were not using my latest WSO.



      Possibly an rfi in your web app ?
      {{ DiscussionBoard.errors[303176].message }}
  • Profile picture of the author st. mozzie
    Im not sure how they did it. It looks like the work of a script kiddie though.
    The shared host Im on apparently had a vulnerability to this type of attack. There are frameworks available that are essentially "point and click" exploits, so I wouldnt be surprised if it was just some amateur that saw a security hole and used someone else exploit to get in.

    I have notified my host about the situation... they wont care though.

    Do you think someone will be held liable for this? For some reason I don't see clickbank putting a whole lot of energy into this.
    {{ DiscussionBoard.errors[303528].message }}
  • Profile picture of the author st. mozzie
    Originally Posted by Ravivaarman Batumalai View Post

    Why don't you temporarily remove the payment link until you got the problem solved.
    Did that yesterday. I just want someone to be held accountable.
    {{ DiscussionBoard.errors[303539].message }}
    • Profile picture of the author robocallaghan
      Originally Posted by st. mozzie View Post

      Did that yesterday. I just want someone to be held accountable.
      Why not report it to the Police? Sounds to me that clickbank will have the payment details on file and your host may have extra access logs - something the police are good at looking into to see who and why they did it :-)

      Rob
      {{ DiscussionBoard.errors[304194].message }}

Trending Topics