Thanks Thanks:  0
Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: *FIXED* Please don't go to my website until further notice *FIXED*

  1. #1
    Join Date
    Sep 2006
    State
    190 Yorktown Road, Craigmore SA
    Posts
    2,768
    Mentioned
    16 Post(s)
    Quoted
    287 Post(s)

    *FIXED* Please don't go to my website until further notice *FIXED*

    My website has been victim to malicius attack and has been setting off alarm bells the last couple of days.

    I have fixed it a couple of times, but keeps getting attacked.

    I cannot say if it is safe or not as I have no idea on what these hackers are trying to do.

    I will let everyone know when it is again safe to visit.

    If you have any enquiries, then you can call me direct on 0422 600 193.

    Cheers Danny.


    --edit--

    Here is the code that has been inserted

    *REMOVED*

    Any ideas?
    Last edited by gameroom; 9th January 2013 at 05:45 PM. Reason: Code removed, maybe causing some users issues

  2. #2
    Join Date
    May 2010
    State
    Sydney
    Posts
    355
    Mentioned
    0 Post(s)
    Quoted
    2 Post(s)
    IMO you should shut it down and create a temporary page for it, otherwise you'll get people not on AA with problems.
    Best of luck though.
    My computer/gaming/technology website: http://www.akumasden.com/
    Please check it out!

  3. #3
    Join Date
    Apr 2011
    State
    Hobart
    Posts
    1,968
    Mentioned
    6 Post(s)
    Quoted
    123 Post(s)
    Either there's an exploit on the server that hosts your site or you may have accidentally left some config file publically accessible which held credentials that are now being used to insert their code.

  4. #4
    Join Date
    Sep 2006
    State
    190 Yorktown Road, Craigmore SA
    Posts
    2,768
    Mentioned
    16 Post(s)
    Quoted
    287 Post(s)

    I use eCommerce which is widely used. If there is an exploit in that, then that could be the reason why 1000's of websites have been affected in the last few days.

    I have a new website being designed at the moment. May have to step it up a bit.

  5. #5
    Join Date
    Apr 2011
    State
    Hobart
    Posts
    1,968
    Mentioned
    6 Post(s)
    Quoted
    123 Post(s)
    General points of failure are the web server being compromised either Apache as the web server or the operating system, software exploit possibly an issue in eCommerce or user error in that they may have left an install file publicly accessible from when first setup and these have details such as username and password to the database which might be the same as a user's account details giving someone full control.

    Seems that it's not limited to any particular cms, there's some info at http://stopmalvertising.com/malware-...stats.php.html

  6. #6
    Join Date
    Feb 2010
    State
    Gold Coast
    Posts
    543
    Mentioned
    0 Post(s)
    Quoted
    11 Post(s)
    If you are running Wordpress or Joomla - couldn't hurt to upgrade to the latest version if you still have access.

    Cleaning up your .htaccess file (security) might be next on the list.

    Krumm is absolutely on the money if you are on shared hosting.

    Most of the time on the above couple of scenarios a backup and restore (even after the fact) can be of assistance (until next time).

    Arsehole script kiddies @ it again....Good luck with it.

  7. #7
    Join Date
    Sep 2006
    State
    190 Yorktown Road, Craigmore SA
    Posts
    2,768
    Mentioned
    16 Post(s)
    Quoted
    287 Post(s)

    I took the site offline, did a backup, and then did a restore from an older backup.

    Seems to be working, and Google has given it the "all clear" (although they said it can take a while for the warnings to disappear)

    Hopefully it fixes it all, but will see if it has been compromised again by the morning.

    The NEW website is being done with Wordpress. No more osCommerce.

  8. #8
    Join Date
    Nov 2007
    State
    Sydney, Australia
    Posts
    9,716
    Mentioned
    275 Post(s)
    Quoted
    1684 Post(s)
    Bad form from these bastards Danny. Hope you get it sorted soon.
    Dave
    ************************************************** *******************
    Remember--The early bird catches the worm, but the second mouse gets the cheese!

  9. #9
    Join Date
    Sep 2006
    State
    190 Yorktown Road, Craigmore SA
    Posts
    2,768
    Mentioned
    16 Post(s)
    Quoted
    287 Post(s)

    Quote Originally Posted by furballx View Post
    Hope you get it sorted soon.
    It was being attacked around 3am to 4am each day. Still all clear today so hopefully all good.

    Real test will be tomorrow morning.

  10. #10
    Join Date
    Feb 2012
    State
    VIC
    Posts
    337
    Mentioned
    2 Post(s)
    Quoted
    53 Post(s)
    Dang, wish I seen this earlier, just visited your site yesterday, Firefox didnt let me in though luckily.

    All the best on get it sorted!!
    "It's always funny until someone gets hurt and then it's just hilarious" - Bill Hicks


Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •