1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My site got hacked by HACKED BY B4TBOY - wtf

Discussion in 'BlackHat Lounge' started by walandio, May 27, 2012.

  1. walandio

    walandio Senior Member

    Joined:
    Jun 27, 2008
    Messages:
    1,198
    Likes Received:
    684
    Location:
    Pilipinas
    when i visit my site... the first thing i saw was this..

    [​IMG]

    I am not blaming my host here.. but I am using hostwinds.. All my site are hacked.. damn..

    I don't know what i did.. any ideas.?

    thanks,,
     
    • Thanks Thanks x 2
  2. Longover

    Longover Power Member

    Joined:
    Jun 9, 2008
    Messages:
    658
    Likes Received:
    347
    hostmonster has a similar setup and they refuse to change it. You can get access to every site on the account and then crap like this happens.

    Do you have a backup?

    If not, hire someone to clean it out.
     
  3. backontrack

    backontrack Power Member

    Joined:
    Jun 5, 2011
    Messages:
    517
    Likes Received:
    430
    Occupation:
    Father, Web development
    Location:
    I Love Apricot
    This happened to me too just recently, Im also using hostwinds but im not blaming anybody here, Just re install Wordpress and install security plug in,then make sure WP is always up to date, goodluck.
     
    Last edited: May 27, 2012
  4. captchadreams

    captchadreams Power Member

    Joined:
    Sep 19, 2008
    Messages:
    504
    Likes Received:
    131
    • Thanks Thanks x 1
  5. Florida™

    Florida™ Newbie

    Joined:
    May 27, 2012
    Messages:
    41
    Likes Received:
    31
    Location:
    Searching for location...
    Wow, hopefully he's not going for all hostwinds sites, because I bought hosting plan there.
     
  6. loswarrior

    loswarrior Regular Member

    Joined:
    Mar 2, 2011
    Messages:
    395
    Likes Received:
    162
    Location:
    Still Looking!
    Just speak to someone at Hostwinds and they will sought it for you. I had the same problem, was really pissed off cos I was selling some sites at the time :(
    But they got my sites back within the hour.
     
    • Thanks Thanks x 1
  7. katkoute

    katkoute Regular Member

    Joined:
    Feb 22, 2012
    Messages:
    253
    Likes Received:
    118
    Occupation:
    Iming All Day
    Location:
    Morocco Mall
    the hacker is from dominican republic lol
     
    • Thanks Thanks x 1
  8. internetfree

    internetfree Junior Member

    Joined:
    Dec 27, 2010
    Messages:
    110
    Likes Received:
    43
    Occupation:
    backlinking
    Location:
    Internet
    Home Page:
    My wordpress sites also been hacked few days ago the hacker was from turkey (he says that but lol) he only access to index.php and rewrite it.I use namecheap shared hosting for my sites.Also index.php is simple file which has just one function to load wordpress theme header or to say wordpress installation.
    I just access through file manager from file cpanel and get back org wordpress index.php file.That's happen to me and how I fix that also.After that I search for maybe some other stuff maybe he left for backdoor and change all my ftp,wp passwords etc.
    I hope that this can helpful for you too. Stay cool :cool:
     
  9. walandio

    walandio Senior Member

    Joined:
    Jun 27, 2008
    Messages:
    1,198
    Likes Received:
    684
    Location:
    Pilipinas
    I already create a support ticket on hostwinds.. hopefully they sort this out.. all my sites on hostwinds got hacked.. but my sites on ipage didn't.. But still i don't want to blame hostwinds.. I love hostwinds..

    I was thinking maybe the softaclus install.. In Ipage i'm not using softaclus, instead simple scripts is used in ipage..
     
  10. G-S-T

    G-S-T Executive VIP Jr. VIP

    Joined:
    Jan 20, 2011
    Messages:
    1,840
    Likes Received:
    8,808
    Occupation:
    Full time IM
    Location:
    Heavy in the game
    sounds like an outdated plugin or wordpress version was to blame. This happened to me last year, fuckers got like 80 of my sites in 1 go. Took me the best part of a week to recover from that. I updated all my wordpress versions and removed any non essential plugins from my directory.
     
  11. lanbo

    lanbo Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 23, 2009
    Messages:
    3,436
    Likes Received:
    595
    Home Page:
    Double check all of your plugins
     
  12. hckone

    hckone Registered Member

    Joined:
    Apr 24, 2010
    Messages:
    85
    Likes Received:
    5
    YUP !e
     
  13. kkvsam

    kkvsam Senior Member

    Joined:
    Oct 11, 2009
    Messages:
    936
    Likes Received:
    569
    Occupation:
    SYS ADMIN
    Home Page:
    Do you use any nulled themes or plugins? if yes, then that should be the cause...
     
  14. proxyblaze

    proxyblaze Jr. VIP Jr. VIP

    Joined:
    Oct 26, 2011
    Messages:
    822
    Likes Received:
    139
    Occupation:
    Technical Assistant (Wipro)
    Location:
    ProxyBlaze.com
    Home Page:
    Don't install crappy plugins :)
     
  15. walandio

    walandio Senior Member

    Joined:
    Jun 27, 2008
    Messages:
    1,198
    Likes Received:
    684
    Location:
    Pilipinas
    I used cracked themes.. damn..
     
  16. walandio

    walandio Senior Member

    Joined:
    Jun 27, 2008
    Messages:
    1,198
    Likes Received:
    684
    Location:
    Pilipinas
    i found out that it's not just wp site got hacked..
    even a cms installed through softaclus.. damn.
    is it softaclus?
     
  17. trungdeplao

    trungdeplao Junior Member

    Joined:
    Jun 30, 2010
    Messages:
    109
    Likes Received:
    33
    I use joomla on hostwinds and got hacked two days ago...luckily he didn'n change the database...
     
  18. proxyblaze

    proxyblaze Jr. VIP Jr. VIP

    Joined:
    Oct 26, 2011
    Messages:
    822
    Likes Received:
    139
    Occupation:
    Technical Assistant (Wipro)
    Location:
    ProxyBlaze.com
    Home Page:
    Just avoid cracked themes. These themese will generate a custom hacked html/php page in each and every folder/domains.
    Delete all the files & upload a backup.
     
  19. moneyneeded

    moneyneeded Regular Member

    Joined:
    Dec 14, 2010
    Messages:
    268
    Likes Received:
    50
    Occupation:
    Student/ Internet Marketer
    Location:
    USA
    Sorry to hear your site got hacked...he is pretty bold because he left a way to contact him through facebook. That shit cray!
     
  20. kkvsam

    kkvsam Senior Member

    Joined:
    Oct 11, 2009
    Messages:
    936
    Likes Received:
    569
    Occupation:
    SYS ADMIN
    Home Page:
    That is the cause. So what you have to do is check the encrypted files or obfuscated javascripts. Clean them and upload again.:)