My account has been hacked
Author: admin admin Reference Number: AA-00281 Views: 21602 Created: 2013-03-25 11:29 Last Updated: 2013-03-25 11:43 0 Rating/ Voters

If your account has been hacked you should upgrade all your PHP scripts to the most recent versions then check through the account, normally once compromised with a Remote File Inclusion the attacker will leave a shell script for easy access in the future. For this reason we recommend backing up your entire account then requesting that we reset the account to ensure the hacked code is removed. Once you have your account backup and your account has been reset you can install the latest versions of any scripts, plugins and themes you were using. The latest version of such scripts are more likely to have been updated to prevent any known security vulnerabilities so it is important to keep all of your software up to date otherwise you leave yourself open to attack.


Before we can terminate your account and reset it, we need you to supply your transaction/order/sales or invoice number/id as proof of ownership of your account. If you are a freehosting client please provide your username and password for Vistapanel.

For further information on web security and how hackers exploit vulnerabilities please read below:

The majority of web site compromises happen because of:


1. Stolen FTP credentials. Spyware on webmasters' computers: key-loggers, traffic sniffers (FTP protocol sends username/password as plain text), trojans that steal credentials from various programs' configuration files (FTP clients, DreamWeaver, etc).

2. Security holes in popular web software: CMS (Joomla, Drupal, etc), Forums (phpBB, vBulletin, Simple Machines, etc), Blogs (WordPress). Once a vulnerability discovered, hackers configure their automated tools to search the web for websites running vulnerable versions of the software and exploit them. This can be done easily and at almost no cost when they have an army of zombie computers.

3. Security hole in "in-house" web software. Many novice (and even many experienced) web developers don't properly sanitize user input making various attacks possible (SQL injections, XSS, etc)

4. Poor security practices (Something that should be manually configured by site admins and cannot be fixed with automated security updates): Weak passwords, insufficiently strict permissions for limited accounts, files and directories with world write permissions, etc.


Please also look at the following articles:


http://en.wikipedia.org/wiki/Gumblar

http://www.google.com/search?q=mysql+injection

http://en.wikipedia.org/wiki/Cross-site_scripting

http://www.google.com/search?q=php+script+vulnerabilities

http://en.wikipedia.org/wiki/Remote_File_Inclusion

http://en.wikipedia.org/wiki/SQL_injection



Quick Jump Menu