Latest Announcemnent
New thread
Status
Not open for further replies.
Hello,
We have 3 of our client's cpanel accounts hacked. Please read this carefully before starting a blame game.
The hacks were done through the client's scripts itself. Someone was just hacking the sites on the same IP.

For example, a site which was running wordpress, was hacked through a backdoor in its theme files.
We are still checking on the other forum scripts regarding how it was done.
If the server was compromised, all accounts would have been affected and the hacker would have done more.

We have been in this business for over 16 months, and we have taken extremely cautious steps to make the server secure.

But there are still several exploits and backdoors in every nulled script, nulled plugin that you install which might cause this.
 
charger said:
Hello,
We have 3 of our client's cpanel accounts hacked. Please read this carefully before starting a blame game.
The hacks were done through the client's scripts itself. Someone was just hacking the sites on the same IP.

For example, a site which was running wordpress, was hacked through a backdoor in its theme files.
We are still checking on the other forum scripts regarding how it was done.
If the server was compromised, all accounts would have been affected and the hacker would have done more.

We have been in this business for over 16 months, and we have taken extremely cautious steps to make the server secure.

But there are still several exploits and backdoors in every nulled script, nulled plugin that you install which might cause this.
Click to expand...

charger in this case you need to read this :
http://www.wjunction.com/showthread.php?t=60541&page=5

It was totally fault of server you know also that there was something compromise with server protection or u guys were having old version of protection whateva which I dont know... btw u cannot say that its our board issue bcoz 20+ sites got hacked in very same min so how can u blame this to our faults? Really is it make any sense?
 
yes but it was only defacing of sites nothing more could he do
but yeah you learn as you go - put more effort into learning about
how to make your sites safe
 
The reason multiple sites got hacked: All on 1 IP, all hacked sites had vulnerable exploits. Site that did not have any vulnerabilities where not hacked.
It's most likely not the hosts fault, as the OP says he is using a really old IPB nulled board. That's asking for problems. And therefor you got "hacked".

Nothing to worry about. Make a IPB back-up. Move everything (as a backup) to a different folder. Reinstall IPB. Install your mods (if any). Import your IPB backup.
 
Do you really think someone would go from site to site manually defacing them when he can root the server(or shall I say VPS since it's OpenVZ kernel?) within 10 minutes and execute mass.pl(perl script that replaces all index files).

Sadly, ScorpioHost doesn't even realize they got rooted, although they were(or are?) running an outdated kernel that can be rooted easily by a public localroot exploit.
 
x Tempz x said:
How do you know the hacker even knew how to root a server? :|
Click to expand...

There is a public exploit for that kernel. He just needed to execute it on the server. Anyone with basic Linux knowledge(actually, there are loads of tutorials and videos on youtube about it) could manage to root the server.
 
champ of champs said:
Hi guys,

My sites got hacked by Stupid hacker..

last night he hacked my cpanel first then he deleted my user id from Latestpirate.com & my other 2 web were working fine...

For now I closed LatestPirate.com & I will restore it today..

but today when I came so I saw that www.extremepirate.com & www.heavenplaza.com also got hacked.. He hacked my personal account in both of sites but my other account still working. I can still acess in admin cp of both sites.. So Can Anyone help me in this case to restore my both sites?

Board: IPB 2x3 I was using..

I checked Index file but everything look fine dont know what he did..

I contacted with scorpiohost.com but still waiting for d reply :(

Hacker I.p and Email I got this from admincp

173.0.1.248

love1932@live.com

Help need :(
Click to expand...


my site was also hacked like this.....what to do
 
Status
Not open for further replies.
Back
Top