Welcome to WebmasterWorld Guest from 54.211.82.105

Forum Moderators: mack

Message Too Old, No Replies

I was hacked, what is the proper sequence of events

what should I do first

     
2:39 pm on Jun 13, 2008 (gmt 0)

Full Member

10+ Year Member

joined:Mar 8, 2003
posts:234
votes: 0


So.. I have had the good luck of never having encountered this before now.. but now that I have I am completly unprepared for what needs to be done. (which is why I put this topic in the new to dev area).

I want to make it as hard as possible on the perps but don't know where to start. I am sure a call to my local police department wouldn't be quite right... also I am sure a phone call to a fbi office wouldn't be quite right either.. so who do I call? Should I notify my hoster (TCH) and let them take it from here?

I have so far pulled down an archive of the site, and upon extracting it locally found out that there is a system.php infected with PHP.RSTBackdoor so we may be looking at more than just the domain it was centered in..

Any help? Thanks.

10:38 pm on June 14, 2008 (gmt 0)

Full Member

10+ Year Member

joined:Mar 8, 2003
posts:234
votes: 0


Really? No one can offer me any advice.
5:08 pm on June 15, 2008 (gmt 0)

Full Member

5+ Year Member

joined:Jan 29, 2008
posts:243
votes: 0


It depends. If hacker took CC numbers and other private data, you need to talk to cyber police (a special police division created to look into this kind of crimes). In most cases you upload frash last good known backup copy of your site. Change all ftp / sftp /ssh password and send information to your host.

HTH