1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My websites got hacked by...

Discussion in 'BlackHat Lounge' started by marco2379, Sep 21, 2009.

  1. marco2379

    marco2379 Junior Member

    Joined:
    Feb 12, 2008
    Messages:
    137
    Likes Received:
    99
    Home Page:
    I steaming mad about the time and sleep i've lost since last night restoring my websites from backups. These scumbags who call themselves "Turkish Muslim Hackers" somehow managed to replace my website index files on several of my websites.

    This freaked me out and really pissed me off. I've managed to change all hosting, ftp, database, admin login, and secondary admin login passwords. But what I really want to change is how these douchebags piss from standing to sitting.

    I can not believe that my websites are that popular that I would be targeted alone for this attack and my webhost has not indicated that they have experienced a security breach. I'm trying to figure out if this hacking 'coincidentally' happened at the same time as the end of the Muslim Ramadan.

    BHW family I don't know if anyone has experienced this recently but we all should be careful about security never get lax about backup your files and periodically changing your passwords.

    Damn hackers.
     
  2. noob411

    noob411 Junior Member

    Joined:
    Feb 22, 2009
    Messages:
    176
    Likes Received:
    127
    Occupation:
    Feeding my wallet
    Location:
    Palm Bay, Florida
    :D they hacked and then took responsibility. wow hackers are evolving...... made me lol so thanks...
    or ur way to paranoid either one made me laugh. I don't think ramadan is a reason to hack you lol shit lol
    omg lol i can't stop lololol take some xanax lol
     
    Last edited: Sep 21, 2009
  3. marco2379

    marco2379 Junior Member

    Joined:
    Feb 12, 2008
    Messages:
    137
    Likes Received:
    99
    Home Page:
    Something like that minus all the graphics. One of my sites even had a redirect slipped in to backd0or.co.cc/owned.php. Maybe it has nothing to do with Ramadan, I just remember reading about the end of Ramadan in the newspaper yesterday and then all of a sudden Turkish Muslims are attacking my site... Coincidence maybe. Am I paranoid probably.
     
  4. Maxell

    Maxell Regular Member

    Joined:
    May 10, 2007
    Messages:
    456
    Likes Received:
    563
    my entire server was hacked, infact it was "tit for tat" I personally actually wrote a small C script that would replace all the index.* files to another page 7-8 years ago when I used to have fun by testing security holes in the servers and it happend to ME last year when all of my websites 50 (sites) were attacked like this :d...

    I can feel your pain, you may notice that even the index.gif and all image files would also be modified.. I didnt have backups of some of my old websites :( I feel sorry for you..
     
  5. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    788
    Likes Received:
    3,127
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    my old host, lunar pages, used to get hack attacks often. that's one reason why i switched!
    i have backups but it's time for a new backup.
     
  6. Hijinx

    Hijinx Junior Member

    Joined:
    Apr 13, 2009
    Messages:
    142
    Likes Received:
    87
    Location:
    New Jersey
    I always run my sites through Acunetix Web Vulnerability Scanner... it helps specially if you are using nulled or old scripts.
     
  7. indexyoursite

    indexyoursite Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 19, 2008
    Messages:
    262
    Likes Received:
    219
    Occupation:
    Day Job: Latin Lover
    Location:
    I´ll check my GPS & tell you
    Lol, not always. I have a friend that lives in Cali, & he likes to deploy "things" in other people sites, but he never claims ownership, so you will never know if you're hack, only feel a sudden earnings freeze. :D
     
  8. ragez

    ragez Registered Member

    Joined:
    Aug 11, 2009
    Messages:
    59
    Likes Received:
    1
    Occupation:
    IM In Training
    Location:
    Goal $68 A Day
    man i hear about these guys all the time heard they are good
     
  9. ahmad-1

    ahmad-1 Newbie

    Joined:
    Mar 19, 2009
    Messages:
    13
    Likes Received:
    1
    What are you'r web site content that make it a nice shot for hackers?
    "ramadan for worship not hacking ?!"
     
    Last edited: Sep 21, 2009
  10. silentthunder

    silentthunder Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 6, 2009
    Messages:
    525
    Likes Received:
    1,342
    Occupation:
    cpa
    Location:
    In the pink
    These guys are infamous. Hackers with a cause stronger and crazier than kicks or money are the most dangerous kind of cyber terror guys.
     
  11. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Site defacement is seen as lame even amoungst the hacking community.
    It's one of the first things a n00b script kiddy learns to do.
     
  12. sdtopensied

    sdtopensied Regular Member

    Joined:
    Sep 1, 2009
    Messages:
    211
    Likes Received:
    113
    Occupation:
    Software Developer
    Location:
    Western Hemisphere
    The one site I looked at where the hacker claimed responsibility left the e-mail address Firtina.B0z0@Gmail.C0m. I just posted a few e-whore ads on CL with Firtina.B0z0@Gmail.C0m as the contact. I imagine this person will LOOOVE getting a gazillion penis pictures over the next few days. :D

    -SDT

    0=o
     
    • Thanks Thanks x 1
  13. googlemonster

    googlemonster Supreme Member

    Joined:
    Nov 15, 2008
    Messages:
    1,400
    Likes Received:
    525
    Bet the Turkish dickhead is making bank. Not.
     
  14. orangeblossoms

    orangeblossoms Regular Member

    Joined:
    Jun 16, 2009
    Messages:
    228
    Likes Received:
    247
    Hahha awesome!
     
  15. marco2379

    marco2379 Junior Member

    Joined:
    Feb 12, 2008
    Messages:
    137
    Likes Received:
    99
    Home Page:
    I've learned my lesson and thank God that the hack attack was mostly benign and juvenile. I guess I should thank these douches for the wake up call.
     
  16. nbsweb

    nbsweb Junior Member

    Joined:
    Jan 5, 2009
    Messages:
    169
    Likes Received:
    74
    do a security scan.
    don't use nulled scripts on your site
    do frequent updates on your php files.
     
  17. richjerkoff

    richjerkoff Junior Member

    Joined:
    Apr 7, 2008
    Messages:
    159
    Likes Received:
    79
    Location:
    UK
    Too true about installing dodgy scripts. I would never compromise any of my websites with so-called nulled scripts because they could have hidden backdoors added. Saving a few dollars this way could cost you more than it's worth. Not worth the risk in any way shape or form.
     
  18. prozium

    prozium Newbie

    Joined:
    Mar 31, 2009
    Messages:
    48
    Likes Received:
    12
    Well most of those hackers are actually script kiddies just googling around for vulnerabilities ( RFI, LFI, SQL injections, xss) and sometimes it's even automated - the script roots and defaces automatically. So don't take it personal - it's probably not because of YOUR sites, it's just because they found a vulnerability and exploited it. By the way the most childish thing to do with a hacked server or website is to deface it ...
     
  19. robertodelgato

    robertodelgato Regular Member

    Joined:
    Jun 28, 2009
    Messages:
    348
    Likes Received:
    3,177
    Occupation:
    Yeah, right.
    Location:
    Top of the 3-pack
    Since I'm sure they troll CL looking for pr0n, imagine when they get their own dick pic in their inbox!

     
  20. mikie46

    mikie46 Jr. VIP Jr. VIP

    Joined:
    Aug 6, 2008
    Messages:
    1,454
    Likes Received:
    1,102
    You are probably running INSECURE scripts on your sites. You mentioned php. Are you running Wordpress? If so, you better upgrade to the latest version of WP 2.8.4 i think it is because previous versions are hackable. All the hacker has to do is run a query in Google that searches for Wordpress <version number> to get a list of ALL websites running WP and the version thats hackable. Then they come in and deface/replace your site.

    Let this be a warning to everyone else. Make sure you are running the latest version and or;

    Remove the <Version Number> echo in the header of your WP blog. That way, its not indexed by Google and searches for certain versions of WP will be impossible by these hackers unless they come across your site by accident. Even then, they would have to either try to hack it or they will view the header version # in your header.php file and move on.