Website Hacked - Accused of Internet Fraud - Webmaster General forum at WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

Website Hacked - Accused of Internet Fraud

photocroatia

12:25 am on Oct 13, 2005 (gmt 0)

I am having the unfortunate experience of having been hacked and now accused of having committed internet fraud.

It appears that a couple of days ago my website got hacked, imitating a banks website, apparently some other website was pointing to mine.

My website is now down , shutdown by the hosting company and I have not been told anything more by anybody.

Has anybody ever experienced anything like this?

I am an amateur when it comes to web security, php etc, I am/was using mainly scripts I have found on hotscripts etc .

The couple of weird thing that happened recently somebody upload to my website a scripts called **.php.jpg (I can’t remember the suffix), I allow upload of photos, is it possible to run a script on my server called by that name? (I only allow upload of .jpg files)

If I give someone user ftp access where they are restricted to directory could they have upload to their user directory and done the above?

Thank you.

moltar

1:05 am on Oct 13, 2005 (gmt 0)

This is a classic example of hacked website. The hacker probably uploaded *.php.jpg file to your server and then used some other exploit to rename it to *.php and run it. There are tons of bugs in various software packages.

Hackers probably hosted a bogus page of some bank and used the php script to mail bank details to some email address hosted somewhere else.

Tell your hosting company that you will fix the scripts and ask them to resume your account. Also ask for raw logs and look for suspicious requests.

If you run scripts that were written by someone else, you better stay current. Sign up to the mailing or announcement list of each script you host. Authors release new version often.

MatthewHSE

11:38 am on Oct 13, 2005 (gmt 0)

Also, when using stuff from Hotscripts and other similar sources, make sure you're using fairly new scripts. Lots of stuff there is several years old without an update; that's a lot of time for security holes to surface or go unpatched. Also, I'd suggest using only scripts that are either paid, with a reputable company behind them, or open-source with an active development and support community. That way, you're more assured of getting a good, secure script written by someone who knows what they're doing.

photocroatia

11:06 pm on Oct 13, 2005 (gmt 0)

Thank you very much for all of the good advice.

I am still waiting for anything from the hosting company, they are not replying to any of my emails/requests and my site is still down.

I am starting to get frustrated.

Herb75

11:42 pm on Oct 13, 2005 (gmt 0)

get new host and switch your dns

photocroatia

2:51 am on Oct 14, 2005 (gmt 0)

I wish it is that simple, I have 11,000 Photos online.

moltar

5:19 am on Oct 14, 2005 (gmt 0)

Try calling them.