olimits7 - 3:10 pm on Oct 5, 2012 (gmt 0) [edited by: incrediBILL at 11:19 pm (utc) on Oct 5, 2012]
Yes, that's what I'm trying to do by comparing the files I want to find out what vulnerability they used to hack into my site.
After looking at logs, I see they gained access by brute-force attach on my WordPress blog, and they ended up uploading this exact 404.php shell that this guy created.
I ended up securing my site more by applying different security measures, but now I'm in a cat and mouse game with this hacker. I find the site uploaded and I'm going through a DMCA takedown with each hosting company his site is listed on.
He is not using the site the way I built it; he is basically uploading it to different domains and has a "Work For Us" scam page.
I doubt he is going to make any use of what the site does because he does not have the network I have to provide these services, but it just looks bad for my company if his sites start getting scam reviews and people notice that it looks exactly like my site. I'm actually thinking of having my programmer re-design the layout of the site (e.g. graphics, box layouts, design, etc.) so it looks different.
My issue now is how long will I have to keep up this cat and mouse game before this hacker gives up?
If I keep on getting his sites taken down through DMCA, I would think eventually he will just stop doing this; well, at least this is what I hope he does.
[edit reason] removed URL, no links to harmful code please [/edit]
[edited by: incrediBILL at 11:19 pm (utc) on Oct 5, 2012]