1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Got Hacked the 3rd time on Justhost..

Discussion in 'BlackHat Lounge' started by Bross, Aug 22, 2011.

  1. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    Oh man..

    My sites are as secure as they could be.. I researched hacking the first 2 times it happened - And here it is again.

    JUSTHOST IS FRAGILE!

    I am mad I host 2 whitehat sites on justhost.. I should have known better.
    My whole account was damaged by someone who tells everyone against Iran to go fuck themselves... As if I really care about Iran ;)
     
    Last edited: Aug 22, 2011
  2. shadow1200

    shadow1200 Junior Member

    Joined:
    May 14, 2011
    Messages:
    128
    Likes Received:
    32
    Sorry to here that...
     
    • Thanks Thanks x 1
  3. todor

    todor Regular Member

    Joined:
    Feb 7, 2011
    Messages:
    394
    Likes Received:
    218
    I got hacked too and all my websites was deleted... Just host hosted as well as you...

    I didn't find out how this guy could do it... FTP or SQL injection I suspect.

    I don't know if this has something to do with the hosting company though
     
    • Thanks Thanks x 1
  4. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    I once again realize why commercial sites don't use wordpress.. But Drupal or hard coding.
     
  5. seoguy81

    seoguy81 Power Member

    Joined:
    May 18, 2011
    Messages:
    779
    Likes Received:
    163
    Occupation:
    Full time IM
    Location:
    My Desk
    Sad!! Not to go off topic but few weeks ago I received a very phishy email from a justhost.com server that spoofed the gmail login page. When I reported this (email headers & the website) to Justhost.com they cared two hoots about it. Goes to show how unprofessional these jerks are.
     
    • Thanks Thanks x 1
  6. Drink More Tea

    Drink More Tea Regular Member

    Joined:
    Apr 15, 2011
    Messages:
    208
    Likes Received:
    166
    It is probably a vulnerability in some software you are hosting, instead of there being any error on their part.
     
    • Thanks Thanks x 1
  7. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    It could be, but is unlikely.

    Justhost hosts 2 whitehat sites and a few others.
    Other hosting accounts I have in some other companies host MANY more sites configured exactly the same and are very well secured (As much as possible with wordpress).

    Other hosting accounts were never hacked even though they are aged way more than my time with Jushost.

    I have no complaints. I know what I get for $3 per month; just so everyone knows that justhost are fragile.
    3 Times ain't a coincidence, I am working full time on these sites, they aren't after work ventures and have my full attention.


     
  8. hurn

    hurn Power Member

    Joined:
    Jan 21, 2009
    Messages:
    692
    Likes Received:
    191
    you should learn a lesson and time to change your hosting. May be some viruses on your PC that can save the passwords.
     
    • Thanks Thanks x 1
  9. todor

    todor Regular Member

    Joined:
    Feb 7, 2011
    Messages:
    394
    Likes Received:
    218
    Otherwise Justhost support was extremely helpful and recovered all my server data, though I haven't done a single back-up (learned my lesson)... but before they do that I slept one night like broken...

    This is a useful reading about this subject:
    http://25yearsofprogramming.com/blog/20070705.htm
     
    • Thanks Thanks x 1
  10. thevil

    thevil Junior Member

    Joined:
    Aug 17, 2010
    Messages:
    190
    Likes Received:
    189
    IMO before you go blaming a host, find out what caused the hack to happen. Ask questions, use Google, and most importantly go through the logs. Most likely it was a fault on the user/software/coding design. You never 777 on shared hosts and always check your plugins for possible exploits. Most people effected by web host hacking is due to a spider/hacker that 'gets' low hanging fruit.
     
    • Thanks Thanks x 1
  11. Sleinad

    Sleinad Senior Member

    Joined:
    May 1, 2010
    Messages:
    899
    Likes Received:
    520
    Occupation:
    Internet Marketing
    Location:
    Nottingham, UK
    I use Justhost for all my websites and have never been hacked. I use wordpress on all of the websites, and always update as soon as I can.

    You probably have a keylogger on your computer so they know all your passwords even when they are changed...lol
     
    • Thanks Thanks x 1
  12. softwareprogram

    softwareprogram Junior Member

    Joined:
    Jun 2, 2011
    Messages:
    154
    Likes Received:
    64
    Occupation:
    Business Owner
    Location:
    Hong Kong
    Well I believe you using free themes copied from any free template sites, or you are already compromised .. you better clean all of your plugins, connect to FTP and delete them manually all the folders.. check for recent page code insertion history and install any wordpress security plugin and than you are set :) also keep your wordpress updated to the latest ver
     
    • Thanks Thanks x 1
  13. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    Well well.. Once again today, this time one site.

    The hacker is targeting Hebrew sites; He is from Iran and he doesn't like me being from Israel I guess.
     
  14. fuskaren

    fuskaren Junior Member

    Joined:
    Feb 20, 2011
    Messages:
    169
    Likes Received:
    32
    Occupation:
    Internet Marketing, Student
    Location:
    Sweden - 127.0.0.1 - Home
    Have you checked you computer? So you are sure you don't have any keylogger or other stuff on it. I don't think the problem is on JustHost because then we would have seen other who got hacked. I use JustHost and have never been hacked.
     
    • Thanks Thanks x 1
  15. sukataetumba

    sukataetumba Senior Member

    Joined:
    May 25, 2010
    Messages:
    1,109
    Likes Received:
    213
    must be some exploit on justhost.

    I think crazyflx's site was hosted there as well and it got hacked too
     
    • Thanks Thanks x 1
  16. kalekom

    kalekom Junior Member

    Joined:
    Jul 25, 2008
    Messages:
    172
    Likes Received:
    356
    Occupation:
    CEO - SEO
    Location:
    here
    Home Page:
    Same here, got hacked. They used timthumb vulnerability. Got all the scripts they were using...
     
    • Thanks Thanks x 1
  17. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    What's timthumb? I see it's a resizing thing; does it come with wordpress?

    BTW here's a tip for you that were hit and need to reinstall wordpress.
    Instead of going through FTP and lose your mind, type in: "/wp-admin/update-core.php/ and click reinstall wordpress :)



     
  18. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    I bought a new computer last week, it was just before I fixed my sites and used it to change the passwords and take care of the sites.
    The computer has nothing on it, there's no keylogger because there's just nothing on it - Didn't even setup windows properly yet. It's justhost.

    I have many other accounts and they were never hacked.


     
  19. WealthMan

    WealthMan Newbie

    Joined:
    Apr 4, 2009
    Messages:
    23
    Likes Received:
    0
    Location:
    Wherever I May Roam
    Hope you've at least got firewall, AV, anti spyware installed and patched the OS.
     
  20. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,468
    Likes Received:
    10,148
    You 've never seen the list of known companies that use wordpress I suppose. :D
    http://en.wordpress.com/notable-users/