1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dollarseohosting - all sites hacked

Discussion in 'Black Hat SEO' started by Russian425, Nov 11, 2013.

  1. Russian425

    Russian425 Regular Member

    Joined:
    Jun 7, 2011
    Messages:
    304
    Likes Received:
    145
    So, I just signed up with dollarseohosting. Moved 10 domains to it, now ALL OF MY 10 domains hacked ...
    WTF?
     
    • Thanks Thanks x 1
  2. cool.dude123

    cool.dude123 Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 23, 2011
    Messages:
    945
    Likes Received:
    1,113
    Location:
    UK
    running wordpress by any chance?
     
  3. sameer5762

    sameer5762 Elite Member

    Joined:
    Sep 23, 2009
    Messages:
    5,228
    Likes Received:
    1,468
    Occupation:
    Software engineer
    Location:
    http;//sameer5762.com
    Home Page:
    This is the reason why i dont resommend cheap or free hosting..

    I had suffered a lot of past

    Thanks
     
  4. Russian425

    Russian425 Regular Member

    Joined:
    Jun 7, 2011
    Messages:
    304
    Likes Received:
    145
    Yea, however, I have few different hosting companies, same configuration on all of them. Same security plugins, wordpress up to date. The only ones got f*ked are the ones on dollarseohosting
     
  5. Panther28

    Panther28 Elite Member

    Joined:
    May 2, 2010
    Messages:
    2,268
    Likes Received:
    3,405
    Occupation:
    Internet.
    Location:
    Internet.
    what do you mean by hacked exactly? I've noticed sometime when you move host that your domain resolved to a different site while the process is happening. Isn't dollarseo a member here?
     
  6. b520fp0

    b520fp0 Regular Member

    Joined:
    Aug 29, 2010
    Messages:
    202
    Likes Received:
    31
    Had my shared Hosting account at Hostgator hacked last week. WP sites. Fortunately was just the index.php file the added on all domains and subdomains. Some group having to do with Indonesian Muslin Army or something like that. Looks they probably got in through my cpanel. I have a VA in Indonesia so I was thinking something must have come in through his computer but not sure. Changed the password and ran scans on all my computers and had my workers do the same but didn't find anything. Made sure all plugins are uptodate, WP uptodate, made backups, changed passwords, not sure what else to do or how they got in. VA no longer has access to Cpanel is the only change i could think to implement.
     
  7. Russian425

    Russian425 Regular Member

    Joined:
    Jun 7, 2011
    Messages:
    304
    Likes Received:
    145

    What I mean is you have a message saying "Your site got hacked by so and so"
     
  8. Panther28

    Panther28 Elite Member

    Joined:
    May 2, 2010
    Messages:
    2,268
    Likes Received:
    3,405
    Occupation:
    Internet.
    Location:
    Internet.
    SO?

    It would help if you clarified the exact message, we can have a dig around
     
  9. ThunderC

    ThunderC Power Member

    Joined:
    Jul 6, 2010
    Messages:
    697
    Likes Received:
    208
    Occupation:
    Adult Webmaster
    Exactly the same case here. 100's of sites on diffrent hosts, and only those that were on http://www.dollarseohosting.com got hacked, twice.
     
  10. kochhansie

    kochhansie Regular Member

    Joined:
    Mar 9, 2013
    Messages:
    393
    Likes Received:
    95
    Home Page:
    I have exactly the same issue, they said it was only 6 sites, I have 5 hosted and all 5 got hacked, luckily it's my private network sites and not my money sites. I sent a message lets see what they come back with.

    they sent a mail over the weekend trying to state its user computer or a keyboard hack, clearly their hosting is vulnerable!
     
    • Thanks Thanks x 1
  11. lizmoz

    lizmoz Power Member

    Joined:
    Oct 10, 2008
    Messages:
    560
    Likes Received:
    328
    using filezilla by any chance?

    that fucking piece of shit stores passwords in plaintext -- can't believe why they don't fix it...the ui is awesome and everything else works as well.
     
    • Thanks Thanks x 1
  12. GriffonVult

    GriffonVult Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 29, 2010
    Messages:
    106
    Likes Received:
    78
    Gender:
    Male
    This is the second time this happens in like a month. I'm done with this host
     
    • Thanks Thanks x 2
  13. niloydaemons

    niloydaemons Junior Member

    Joined:
    Jun 23, 2012
    Messages:
    186
    Likes Received:
    71
    dollarseohosting is not recommended by many internet marketers I guess u learnt a lesson :)
     
    • Thanks Thanks x 1
  14. crazyb

    crazyb Junior Member

    Joined:
    Jul 15, 2011
    Messages:
    154
    Likes Received:
    21
    You have to use SFTP as a protocol (if your hosting allows it), which is available as an option in FileZilla. So it's not about the Filezilla it's about how you use it.
    However on your computer passwords will be stored in a plain text, so you have to keep your comp secure.
     
  15. slim_dusty

    slim_dusty Jr. VIP Jr. VIP Premium Member

    Joined:
    Jun 5, 2011
    Messages:
    392
    Likes Received:
    115
    Location:
    Middle earth
    Wordpress sites are particularly vulnerable to hacking just by virtue of the fact it is such a popular platform. I found this previous post quite useful and recommend anyone who uses wordpress to have a look at this guide, irrespective of who you have your hosting with. I now use better wp security plugin and have had no problems so far. It's also really important to have a backup stored separately to the host server, so I get auto emails send to me (with the email hosted on another server).

    http://www.blackhatworld.com/blackh...uide-secure-your-wordpress-website-howto.html
     
  16. ThunderC

    ThunderC Power Member

    Joined:
    Jul 6, 2010
    Messages:
    697
    Likes Received:
    208
    Occupation:
    Adult Webmaster
    i agree that wordpress is popular and because of that it's a target for hacking, but that's not the issue here, i been using wordpress for years, and never been hacked (even without the security plugins), why? because the host always had the server secured, if the server is not secured, then no matter how you protect your wordpress (I for example had better wp security installed and 100 strength passwords), it still won't help, if the hacker can inject or change things on the server level, heck i'm even sure if i had a 2 step authorization with an sms, i would have still gotten hacked, because the server is wide open and the hacker didn't get in by "logging" in

    dollarseohosting was my worst hosting experience is the 12 years that i been in the online biz, i am done with dollarseohosting, and i have learned my lesson, if a hosting sales man, tries to be "friends" and right away asks for good reviews on various forums (even before setting up my accounts) then something is wrong.

    on a side note, I didn't have a separate backup stored, which was my fault and i can't bitch about having to rebuild the sites as i didn't expect to be hacked twice in 1 month because of the host negligence.
     
    Last edited: Nov 12, 2013
  17. ewandy

    ewandy Junior Member

    Joined:
    Aug 14, 2009
    Messages:
    186
    Likes Received:
    60
    Occupation:
    In case ish Advisor
    Location:
    In Darkness
    So fist things first, they are seriously downplaying the hacking effect. They say 6 sites were hacked. Just read through the thread i can count more. I got all my 7 hacked.

    This is not OUR FAULT! It's not a wp issue but server side as mentioned above. I have login limiter and 16+ char long password with special chars uppercase and numbers in it. No way that someone could've wasted that much resources to hack my puny wp site. And this didn't happen the first time either

    Silver lining!!! Everything isn't lost :). They have hijacked the title and added a javascript widget. If you remove those your site is back and it's intact. If they would've really hacked wp they would've wiped it out completely. I have no idea where the widget is hidden cause my designer got it removed.

    The hack is some kind of sql injection or what not
     
    • Thanks Thanks x 1
  18. Russian425

    Russian425 Regular Member

    Joined:
    Jun 7, 2011
    Messages:
    304
    Likes Received:
    145

    Exactly, same thing happened here. Changed the title and added the widget, they also switch the wordpress username / pw to something default, so yes, looks like it was an SQL injection or something similar.
     
  19. executed

    executed Power Member

    Joined:
    Feb 19, 2012
    Messages:
    700
    Likes Received:
    200
    Sorry to hear that. I believe Imblackhatter supports or runs this service. I'm sure there's an explanation coming.
     
  20. Laubster

    Laubster Senior Member Premium Member

    Joined:
    May 21, 2013
    Messages:
    1,008
    Likes Received:
    377
    Occupation:
    Self employed
    Location:
    I Travel A Lot
    Home Page:
    Agreed, had nothing but problems with my private blog network sites I put on free hosting. Have had good luck with cheap hosting though, but usually $6/year or whatever.