1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Have we been hacked?!

Discussion in 'BlackHat Lounge' started by natewex, Nov 13, 2009.

  1. natewex

    natewex Power Member

    Joined:
    Sep 22, 2009
    Messages:
    602
    Likes Received:
    127
    Location:
    Ireland
  2. oldenstylehats

    oldenstylehats Elite Member Premium Member

    Joined:
    Apr 10, 2008
    Messages:
    1,893
    Likes Received:
    1,196
    Looks like it.
     
  3. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
    Yes you have been. Clean fast because you can get a ban from Google, also when they hack you they leave a shell script so they can have more fun with you. Search any SUSPICIOUS php file.
     
  4. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Defacing sites is so lame.
     
  5. ezcoin

    ezcoin BANNED BANNED

    Joined:
    Nov 27, 2008
    Messages:
    82
    Likes Received:
    73
    but they stole email list and install backdoors
     
  6. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
    depends on the method of defacing, the security flaw which they used to hack into.
     
  7. natewex

    natewex Power Member

    Joined:
    Sep 22, 2009
    Messages:
    602
    Likes Received:
    127
    Location:
    Ireland
    thanks guys. Do u say its came from an infection on my pc or was it just them accessing the server themselves!? Bastards!
    Posted via Mobile Device
     
  8. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
    Do you have any scripts installed on site? There I think it's your problem.
     
  9. natewex

    natewex Power Member

    Joined:
    Sep 22, 2009
    Messages:
    602
    Likes Received:
    127
    Location:
    Ireland
    thanks dude. Not actually my site tho was just transferring it for a client so ill have to check.
    Posted via Mobile Device
     
  10. hazard_mkd

    hazard_mkd Junior Member

    Joined:
    Oct 1, 2009
    Messages:
    197
    Likes Received:
    58
    they will set-up paypal, or bank scams on your host, and they'll spam the shit out of that address..

    then it will be reported as website forgery, and theeen .. google will hate you.. and the hackers, they will be long gone, with a smile on their face.. with a few, or a few hundred paypals, or bank logins..

    ACT FAST!!!!!

    i know this stuff because i once did them ..
     
    • Thanks Thanks x 1
  11. Lex Leto

    Lex Leto BANNED BANNED

    Joined:
    Nov 10, 2009
    Messages:
    16
    Likes Received:
    79
    Wow, that really sucks. Hopefully it's just some kids having fun, and not what these guys are saying.
     
    • Thanks Thanks x 1
  12. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    They always seems to be from Turkey as well.
     
  13. loamigad

    loamigad Jr. VIP Jr. VIP

    Joined:
    Sep 18, 2007
    Messages:
    257
    Likes Received:
    76
    How could you have been hacked it's:
    Unsecure script(s)
    Or an exploit on for example apache...
    Might even be a simple bruteforce attack.

    Other than that, dunno.
    kinda ironic, iv'e made the same observation.
     
  14. Lex Leto

    Lex Leto BANNED BANNED

    Joined:
    Nov 10, 2009
    Messages:
    16
    Likes Received:
    79
    They've got nothing better to do.
     
  15. n2zen

    n2zen Regular Member

    Joined:
    Sep 27, 2009
    Messages:
    269
    Likes Received:
    70
    Sometimes it's easier to nuke the account and reload from your cpanel backups, just to make sure there aren't any residual problems.

    Make sure your host is aware, since the last time I had a similar issue it was an XSS problem on shared hosting where one account could access the db's and filesystems of other accounts.
     
  16. sdesignb

    sdesignb Junior Member

    Joined:
    May 7, 2008
    Messages:
    107
    Likes Received:
    24
  17. JesusChristSr

    JesusChristSr Regular Member

    Joined:
    Jun 22, 2009
    Messages:
    258
    Likes Received:
    200
    Location:
    SLOTOWN
    God damb Turkish skido's! Sorry for your misfortune bro.
     
  18. Mage

    Mage Junior Member

    Joined:
    Jan 31, 2008
    Messages:
    150
    Likes Received:
    18
    When I checked one of my sites in IE, I get this message that it is stopping the site from dropping an ActiveX. Since it's not something I did, where can I start looking to deactivate this dropping of ActiveX? It's a WP site.
     
  19. hiding_whitehat

    hiding_whitehat Junior Member

    Joined:
    Jan 3, 2009
    Messages:
    148
    Likes Received:
    112
    LOL, sorry to hijack real quick, but do any of you guys remember an old thread where some lameo guy had put up an IM product for sale, but somebody hacked it, changed some of the salesletter around to guarantee failure, and messed with the "wait! we have a special offer!" chat bot to ask visitors for gay sex?
     
  20. cagefighter

    cagefighter Junior Member

    Joined:
    Nov 13, 2009
    Messages:
    109
    Likes Received:
    101
    Occupation:
    Retired Professional Fighter, Now Trainer and Web
    Location:
    New York/Atlanta
    Check and make sure you aint got no fuking iframes all over the place as well. Also check the css files, Same shit happened to me loaded my site up with java scripts and iframes and also infected my style sheets.. But yea act fast so google dont give you the this site is a attacked site BS..

    Cage..