53 {{ upvoteCount | shortNum }}
53 {{ upvoteCount | shortNum }}

Article Directories Hacked

by vicone
45 replies
I notice in my article submissions today that a number of article directories have been hacked.

I won't say who did it - there's no point in giving publicity to the vandal concerned.

However, if you own an article directory I suggest that you check the login and submissions links to be sure they're OK.

Ivan
#article #directories #hacked
  • Profile picture of the author Mark Clayson
    Are they on one particular platform?
    {{ DiscussionBoard.errors[1764515].message }}
    • Profile picture of the author vicone
      I'm not sure. I was rushing to make submissions and noticed trouble with a few but it did not at first occur to me that they'd been hacked.

      When I looked more closely at a later site which was proving difficult I realized that this was a problem I'd encountered earlier and then saw a statement from the perp boasting about what he'd done.

      Ivan
      Signature
      {{ DiscussionBoard.errors[1764706].message }}
      • Profile picture of the author vicone
        I've been removing hacked sites from my submission list but I find new ones are appearing. These latest sites are using the Article Dashboard software.

        Ivan
        Signature
        {{ DiscussionBoard.errors[1777880].message }}
        • Profile picture of the author dvduval
          Originally Posted by vicone View Post

          I've been removing hacked sites from my submission list but I find new ones are appearing. These latest sites are using the Article Dashboard software.

          Ivan
          Ouch, yes. It looks like hundreds or even thousands of sites were hacked in the last day or two.
          Signature
          It is okay to contact me! I have been developing software since 1999, creating many popular products like phpLD.
          {{ DiscussionBoard.errors[1787692].message }}
          • Profile picture of the author PatriciaJ
            It happened to my directory when I used AD. Somebody got in and tried to email all of the authors, I was lucky that my host didn't close me down as they did others. Another time a link to a Russian blog was placed right at the bottom of all of the pages. Another thing to watch out for is them linking to their own sites through your category titles at the top of your article pages.

            I changed passwords regularly after that and made sure they were hard to figure and I removed the edit templates function from admin. I think that somebody came up with an add on to deter hackers but can't remember where I saw that.
            {{ DiscussionBoard.errors[1787737].message }}
            • Profile picture of the author aborana
              Is there a quick fix for this problem? My directory appears to be hacked as well. Anyone knows what I need to do?

              Thanks
              Signature
              Proven Home Business Ideas and Opportunities
              Free Article Submission BizLog
              {{ DiscussionBoard.errors[1809888].message }}
              • Profile picture of the author TheRichJerksNet
                Originally Posted by aborana View Post

                Is there a quick fix for this problem? My directory appears to be hacked as well. Anyone knows what I need to do?

                Thanks
                Again I highly suggest upgrading to a custom solution... If you are serious about business then getting a custom solution should not give you any 2nd thoughts....

                James
                {{ DiscussionBoard.errors[1809948].message }}
                • Profile picture of the author GarrieWilson
                  Originally Posted by TheRichJerksNet View Post

                  Exactly why I custom code all my sites... Open source code is a target although I know many will not agree with that. Look at all the wordpress and joomla sites being hacked, it is because they are open source code and the hackers have full access to the code.
                  It's a target because it's popular. It's just easier to find exploites since it's open.

                  Originally Posted by TheRichJerksNet View Post

                  Again I highly suggest upgrading to a custom solution... If you are serious about business then getting a custom solution should not give you any 2nd thoughts....
                  You are so full of it.

                  What OS is your server on? A *nix flavor? If it is, you aren't serious about business.

                  I use open source, custom solutions, commercial and even modified open source sites. It all depends on whats needed, what's available and the project type.
                  Signature
                  Screw You, NameCheap!
                  $1 Off NameSilo Domain Coupons:
                  SAVEABUCKDOMAINS & DOLLARDOMAINSAVINGS
                  {{ DiscussionBoard.errors[1810045].message }}
                • Profile picture of the author aborana
                  Originally Posted by TheRichJerksNet View Post

                  Again I highly suggest upgrading to a custom solution... If you are serious about business then getting a custom solution should not give you any 2nd thoughts....

                  James
                  Do you mean just sticking with ArticleDashboard, but upgrading to a paid version? or completely changing to another article directory platform?

                  Fuad
                  Signature
                  Proven Home Business Ideas and Opportunities
                  Free Article Submission BizLog
                  {{ DiscussionBoard.errors[1810050].message }}
                  • Profile picture of the author GarrieWilson
                    Originally Posted by aborana View Post

                    Do you mean just sticking with ArticleDashboard, but upgrading to a paid version? or completely changing to another article directory platform.
                    He is saying make your own from scratch.

                    He is also a programmer and thats why he thinks that.
                    Signature
                    Screw You, NameCheap!
                    $1 Off NameSilo Domain Coupons:
                    SAVEABUCKDOMAINS & DOLLARDOMAINSAVINGS
                    {{ DiscussionBoard.errors[1810084].message }}
                  • Profile picture of the author TheRichJerksNet
                    Originally Posted by aborana View Post

                    Do you mean just sticking with ArticleDashboard, but upgrading to a paid version? or completely changing to another article directory platform?

                    Fuad
                    No I mean going and getting a custom coded script (NOT OPEN SOURCE CODE).. Those regular everyday adsense farms are becoming more and more useless as they are pretty much offering nothing.

                    I would go custom coded and have features built into the script that nobody else offers. Get a properly coded script you can have it secured so you do not have to worry about that hackers.

                    James
                    {{ DiscussionBoard.errors[1810111].message }}
                    • Profile picture of the author aborana
                      Originally Posted by TheRichJerksNet View Post

                      No I mean going and getting a custom coded script (NOT OPEN SOURCE CODE).. Those regular everyday adsense farms are becoming more and more useless as they are pretty much offering nothing.

                      I would go custom coded and have features built into the script that nobody else offers. Get a properly coded script you can have it secured so you do not have to worry about that hackers.

                      James
                      Recommendations and cost???
                      Signature
                      Proven Home Business Ideas and Opportunities
                      Free Article Submission BizLog
                      {{ DiscussionBoard.errors[1810122].message }}
                      • Profile picture of the author TheRichJerksNet
                        Originally Posted by aborana View Post

                        Recommendations and cost???
                        Find a coder, I no longer take on clients.. There is the programming forum here (go to the main page and scroll down you will see the programmer forum), you could post in there...

                        Ask about a custom solution and be very specific on what you would like.

                        James
                        {{ DiscussionBoard.errors[1810149].message }}
              • Profile picture of the author theimdude
                Originally Posted by aborana View Post

                Is there a quick fix for this problem? My directory appears to be hacked as well. Anyone knows what I need to do?

                Thanks
                Hi,
                I am using article friendly and it seem to be supported fairly well. He also do a uncoded version so instead of getting somebody to custom code for you buy the uncoded version which is secure currently and the owner supports it. The cost for the pro version is $50 and the uncoded one $89

                It is not as easy getting somebody just to code something for you as James say as he is a coder and the average coder out there is not going to fix your problem when you get hacked for free. To get a coder to do a site for you would cost a fair amount as well.

                You can try article ms as well but I don't like the features. There is a very nice wordpress article site plugin.

                As for wordpress and security I have over a 100 domains using WP and don't have any issues. There was a problem with 2.8 but the problem was fixed and WP seems very secure currently.
                The problem with James secure version of WP is that WP is open source and now he has a "non open source WP" which I don't like and every time WP is updated it will be an issue to update James's "secure version"

                We also need to remember that wordpress as a open source project is very well supported.

                Article friendly also have a script that you can convert your AD article to AF

                I think one golder rule that needs to be followed;

                1) Backup
                2) Make sure directories is not 777

                If you serous about your site the do rule 1 as if you do have a issue it is easy to rollback
                Signature
                Do you want 30 back-links in my PRIVATE BLOG network for ONLY $20 ???
                [LIMITED ACCESS + FREE ARTICLE INCLUDED OR YOUR OWN]

                CLICK HERE NOW
                {{ DiscussionBoard.errors[1917098].message }}
  • Profile picture of the author dvduval
    I heard that the code is encrypted too, meaning it is not as simple as just looking at the code and fixing the issue. Is that true also?

    (that is one of the reason we have kept phpLD's source code open)
    Signature
    It is okay to contact me! I have been developing software since 1999, creating many popular products like phpLD.
    {{ DiscussionBoard.errors[1792934].message }}
  • Profile picture of the author TheRichJerksNet
    Exactly why I custom code all my sites... Open source code is a target although I know many will not agree with that. Look at all the wordpress and joomla sites being hacked, it is because they are open source code and the hackers have full access to the code.

    James
    {{ DiscussionBoard.errors[1793041].message }}
    • Profile picture of the author Todd Sampson
      I noticed the other day while trying to set up Articlebot that 7-8 of the
      confirmation emails came back as ...hacked by so and so. So, yeah it
      looks like somebody hacked a bunch of directories running the same
      script.

      wishing you success,
      Todd Sampson
      {{ DiscussionBoard.errors[1793951].message }}
    • Profile picture of the author TheRichJerksNet
      Originally Posted by Nathan Segal View Post

      The only site I have experience with is Wordpress and yes, it can be hacked. I was hacked and I had to close down 3 of my blogs. With help, my 4th one was saved.

      It's also possible to close down many of the ways that hackers get in. It's not foolproof, from what I understand, but then again, I don't know of anything that is.
      Nothing is 100% secure Nathan, you're right ... But not using open source code will help you a great deal better. While many of those AD directories got hacked many of us that custom code our sites do not have to worry so much about it because our code is not in the open public.

      James
      {{ DiscussionBoard.errors[1826391].message }}
  • Profile picture of the author aborana
    If you have an Article Dashboard Directory, here's a temp solution for the problem!

    Article Directories Hacked by z7faan-h4ck3r
    Signature
    Proven Home Business Ideas and Opportunities
    Free Article Submission BizLog
    {{ DiscussionBoard.errors[1810037].message }}
    • Profile picture of the author aborana
      Originally Posted by aborana View Post

      If you have an Article Dashboard Directory, here's a temp solution for the problem!

      Article Directories Hacked by z7faan-h4ck3r
      The Warrior forum post shown above has been deleted. I do not know for sure why, but I think it happened after I submitted the entire HTML code that the hacker uses to destroy the site.

      For those who did not get to read the solution, here it is again.

      It seems like the entire code is placed in the "indexnav.tpl" folder (Article Dashboard Directories)

      Steps to clear the problem

      1-Change password to a stronger, hard to guess password

      2-Go to your "article" sub-folder in your site directory

      3-Open the "templates" folder

      4-Look for indexnav.tpl and open folder and inspect the code.

      5-if you have a backup folder, delete the infected folder, or replace the entire code with the healthy code you have in your back up file, and save the new folder under the same name "indexnav.tpl"


      At this point, your site should open without the annoying popups and scary video.

      Hope this helps
      Signature
      Proven Home Business Ideas and Opportunities
      Free Article Submission BizLog
      {{ DiscussionBoard.errors[1814198].message }}
  • Profile picture of the author Keith Choy
    Hi aborana,

    Thanks! I got hacked today as well. After looking at your steps, I was able to successfully cleaned up my AD site. Just to share that there were many TPL files hit. This includes files in admintemplates and templates directory (just in case other Warriors hit this same problem as well).

    cheers,
    Keith Choy
    Signature
    WealthMountains - One Step At A Time To Your Wealth
    {{ DiscussionBoard.errors[1824348].message }}
  • Profile picture of the author amitjain
    How can anybody hack these article directories is there any loophole in the platform ??
    {{ DiscussionBoard.errors[1824360].message }}
  • Profile picture of the author Terry Crim
    Whats the point? They going to steal your articles? Weird.
    {{ DiscussionBoard.errors[1826397].message }}
    • Profile picture of the author GarrieWilson
      Originally Posted by Terry Crim View Post

      Whats the point? They going to steal your articles? Weird.
      Use it to do drive by downloads, sends spam, etc.
      Signature
      Screw You, NameCheap!
      $1 Off NameSilo Domain Coupons:
      SAVEABUCKDOMAINS & DOLLARDOMAINSAVINGS
      {{ DiscussionBoard.errors[1826455].message }}
    • Profile picture of the author TheRichJerksNet
      Originally Posted by Terry Crim View Post

      Whats the point? They going to steal your articles? Weird.
      What is the point of having a secured website ??? Well I do not know about other people but I put my members first and that includes their personal info. Not only do I have my site monitored 24/7 along with several firewalls, I also have secure coding that I know I can trust because I coded it. I also have a 3rd party that monitors the site and everything is under 356 Bit-Encryption SSL...

      The point for me is caring about my members and my business but I can not speak for anyone else...

      James
      {{ DiscussionBoard.errors[1826472].message }}
      • Profile picture of the author Terry Crim
        What is the point of hacking an article directory.

        I was commenting on the surface of the OP. Yes I understand and agree with you about security.

        I wasn't thinking about the various devious reasons why to hack an article directory. I just saw the OP post thread title and to my mind articles sprang to the center of my mind.

        Of course thinking, which I really didn't put a lot of thought into the subject until further posts after mine. That phishing, download pushing virus trojan bot deviousness would of course make sense and be main point.

        My states main websites just got hacked over last few days, this is a common thing happening right now. Big push by pirates, scammers and spammers going on right now.

        - T


        Originally Posted by TheRichJerksNet View Post

        What is the point of having a secured website ??? Well I do not know about other people but I put my members first and that includes their personal info. Not only do I have my site monitored 24/7 along with several firewalls, I also have secure coding that I know I can trust because I coded it. I also have a 3rd party that monitors the site and everything is under 356 Bit-Encryption SSL...

        The point for me is caring about my members and my business but I can not speak for anyone else...

        James
        {{ DiscussionBoard.errors[1826562].message }}
        • Profile picture of the author TheRichJerksNet
          Oh opps .... sorry ... lol

          James

          Originally Posted by Terry Crim View Post

          What is the point of hacking an article directory.

          I was commenting on the surface of the OP. Yes I understand and agree with you about security.

          I wasn't thinking about the various devious reasons why to hack an article directory. I just saw the OP post thread title and to my mind articles sprang to the center of my mind.

          Of course thinking, which I really didn't put a lot of thought into the subject until further posts after mine. That phishing, download pushing virus trojan bot deviousness would of course make sense and be main point.

          My states main websites just got hacked over last few days, this is a common thing happening right now. Big push by pirates, scammers and spammers going on right now.

          - T
          {{ DiscussionBoard.errors[1826610].message }}
  • Profile picture of the author DigiCypher
    Can someone explain to me the mentality of people who do this kinda thing? Why go out and screw with others hard work? Just out of spite? Boredom? A vendetta or something? I just don't understand it... Apparently these people need the asteem high from being able to say they hacked something and screwed with thousands of people. It's the same thing I don't understand about people who creates viruses, adware, spyware etc.

    Just boggles my mind...

    Well anyway, hopefully you all who were affected get it sorted out.

    Best of luck.
    {{ DiscussionBoard.errors[1826466].message }}
    • Profile picture of the author TheRichJerksNet
      Originally Posted by DigiCypher View Post

      Can someone explain to me the mentality of people who do this kinda thing? Why go out and screw with others hard work? Just out of spite? Boredom? A vendetta or something? I just don't understand it... Apparently these people need the asteem high from being able to say they hacked something and screwed with thousands of people. It's the same thing I don't understand about people who creates viruses, adware, spyware etc.

      Just boggles my mind...

      Well anyway, hopefully you all who were affected get it sorted out.

      Best of luck.
      Many do it just to prove they can do it .. No reason at all behind it. Many also do it to get names, addresses, emails (personal info), and some others do it to toss adsense ads on your site to get those clicks even if it remains for 24 hours before the owner finds out...

      James
      {{ DiscussionBoard.errors[1826482].message }}
      • Profile picture of the author Marhelper
        So, if you do have a Joomla site what is the best way to hack-proof it? Have a long alphanumeric password ... what else?
        Signature
        {{ DiscussionBoard.errors[1826507].message }}
        • Profile picture of the author TheRichJerksNet
          Originally Posted by Marhelper View Post

          So, if you do have a Joomla site what is the best way to hack-proof it? Have a long alphanumeric password ... what else?
          I have not looked into Joomla sites although some asked me to create a product for it like I did wordpress. I just do not have the time to go through all their coding. Joomla is a massive monster compared to wordpress.

          Changing your password is not going to help very much, it is changing the coding so the hackers do not know what was changed that will help secure it.

          James
          {{ DiscussionBoard.errors[1826520].message }}
        • Profile picture of the author Keith Choy
          Originally Posted by Marhelper View Post

          So, if you do have a Joomla site what is the best way to hack-proof it? Have a long alphanumeric password ... what else?
          First thing to check is not to leave your directories with permission 777,

          Second thing is change your password to a stronger one.

          This are 2 quick simple steps.

          I agree with James that custom-codes is better. But the above 2 points still applies even for custom-codes.

          - Keith Choy
          Signature
          WealthMountains - One Step At A Time To Your Wealth
          {{ DiscussionBoard.errors[1826558].message }}
      • Profile picture of the author DigiCypher
        Originally Posted by TheRichJerksNet View Post

        Many do it just to prove they can do it .. No reason at all behind it. Many also do it to get names, addresses, emails (personal info), and some others do it to toss adsense ads on your site to get those clicks even if it remains for 24 hours before the owner finds out...

        James
        Yea i can see the reasoning there, as underhanded as it is. Sure would be nice if they'd just crawl back into their holes and go away. Or better yet, do something honorable and productive.
        {{ DiscussionBoard.errors[1826683].message }}
  • Profile picture of the author ratherton
    I just had this problem and fixed it as follows:

    I deleted the following directories and reuploaded them from the backup versions:
    /admintemplates
    /templates

    I also went in to "Edit Settings" as these morons had also changed things like the name of my site.

    That looks like it has fixed everything and I can find any other files that look out of places or with a dubious date/time stamp.

    If anyone from Mossad is reading this thread and needs to borrow a passport for a more permanent solution for this hacker, just send me a PM.
    {{ DiscussionBoard.errors[1829985].message }}
    • Profile picture of the author aborana
      Originally Posted by ratherton View Post

      I just had this problem and fixed it as follows:

      I deleted the following directories and reuploaded them from the backup versions:
      /admintemplates
      /templates

      I also went in to "Edit Settings" as these morons had also changed things like the name of my site.

      That looks like it has fixed everything and I can find any other files that look out of places or with a dubious date/time stamp.

      If anyone from Mossad is reading this thread and needs to borrow a passport for a more permanent solution for this hacker, just send me a PM.
      You might want to check your "Categories" setting as well. He added to categories to my directory. You delete added categories from the "manage Categories" or from "prefix_adminsettings" in MySql database.
      Signature
      Proven Home Business Ideas and Opportunities
      Free Article Submission BizLog
      {{ DiscussionBoard.errors[1833942].message }}
      • Profile picture of the author arunseo
        Dear Guys !

        Thanks for supporting......

        Now I am facing problem to admin login...it shows "INVALID LOGIN".
        Either My database have same login/pwd.

        Arun
        {{ DiscussionBoard.errors[1916714].message }}
      • Profile picture of the author arunseo
        Originally Posted by aborana View Post

        You might want to check your "Categories" setting as well. He added to categories to my directory. You delete added categories from the "manage Categories" or from "prefix_adminsettings" in MySql database.
        Hi !

        Thanks for supporting......

        Now I am facing problem to admin login...it shows "INVALID LOGIN".
        Either My database have same login/pwd.

        Thanks
        Arun
        {{ DiscussionBoard.errors[1917621].message }}
  • Profile picture of the author TheGraduate
    I would modify your opening post if I was you, hacking is not exactly a misdemeanor offense. You might not want your eyes, ears and nose to somehow be found to be connected to that in any way or form. (just a little advice)
    Signature
    amazing product coming soon!
    {{ DiscussionBoard.errors[1916869].message }}
    • Profile picture of the author Bosco
      Originally Posted by TheGraduate View Post

      I would modify your opening post if I was you, hacking is not exactly a misdemeanor offense. You might not want your eyes, ears and nose to somehow be found to be connected to that in any way or form. (just a little advice)
      Yeah, Graduate, when I first read the opening post I thought he must have some kind of inside information.

      But later realized that the perp put his handle on sites taking credit.

      If the authorities are suspicious of vicone, it's only because he's one of those people who can read. A dadgum reader.

      (Yes the previous line was an attempt at humor. I saw a comedian once who spoke of being in a southern state and he was outside reading a book and some guys walked by and one of them said, "Look at whut we got us here. We got us one of them READERS.")
      Signature
      Have you started ANY prepping yet? Got some back up food and water at least? (Just askin')
      {{ DiscussionBoard.errors[1918408].message }}
  • Profile picture of the author duia
    It is really a serious thing. I have never heard that many article directories sites can be hacked easily.
    Signature
    GetBrowser | Health Tips | LifeCares | Home Office Furniture Guide | Health Tips 101 Big Tips
    {{ DiscussionBoard.errors[1917682].message }}

Trending Topics