1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

NEVER Use Fiver To "Fix" A Hacked Site..

Discussion in 'BlackHat Lounge' started by BreaknBrix, Nov 3, 2014.

  1. BreaknBrix

    BreaknBrix Power Member

    Joined:
    Mar 25, 2014
    Messages:
    751
    Likes Received:
    4,189
    Location:
    NE US
    I had to tell the forum about this experience.

    I've used fiver gigs for MANY things that I probably shouldn't have. I've used gigs to...

    1) Move all my sites from 1 server to another.
    2) To get my forms nice and fancy.
    3) To realign sidebar, padding, other stuff.
    4) To add features my theme doesn't have, like drop down menus, etc.
    5) Worst of all.... the "I'll fix your hacked website" gigs.

    All these gigs require that you exchange all your vital passwords with some stranger. So I always looked for "top rated sellers" and falsely assumed they wouldn't try any crazy shit.

    So my sites all got hacked. I contacted a "top level" seller on fiver. The guy claimed to remove all my hacks. He also did a lot of other work like deleted unused plugins, themes, fixed some alignment issues, permanently disable comments on all sites, etc etc. After he finished his work, I noticed ALL my sites were 4xs faster. I made a thread about this somewhere else. And then the following day one of my keywords jumped 60 positions to #5 on Google.

    So I was happy. I paid this guy $80 and just assumed everything was fine.

    Then...... the days passed by. The "this site may be hacked" notice never went away. I started messaging the guy who claimed to have fixed the hack and he said "just wait a little longer till G recrawls your site". I started becoming very suspicious..... then 1 day I wake up and BAM, my money site completely disappeared from the SERPS. It starts throwing a 403 forbidden error and traffic drops to 0. All sites on that shared godaddy server got cross contaminated.

    That's when I said "fuck it" and paid $299 to Sucuri.

    They've been working on the sites for a few days now. But guess what? These people found 14 different malware files, evals, all types of shit that this fiver guy hadn't even touched. On top of that they found tons of back doors, vulnerabilities, all types of shit.

    So I went back to the fiver guy and asked him, "when you said you 'fixed' the hack.... what specifically did you do"?
    He said, "I removed the viagra text from all your pages". I went back and counted and it was 3 lines of text. All the hundreds of pages the hacker posted on my site, he didn't even touch them. Didn't identify or delete 1 piece of malware. I basically paid the guy $80 for what I now realize was probably 1 hour of work.

    Sucuri has been great. Probably one of the best decisions I've ever made.

    But THIS is my question. When you guys need technical things done. Who or what do you use?

    I NEVER see an issue and immediately go to fiver. When my form got messed up I read for about 6 hours straight, trying all sorts of tricks and code and couldn't fix it. So I went to fiver and got it fixed immediately. Same thing with moving my sites from 1 server to another. I was watching tutorials and just got confused as hell, intimidated so had to pay someone else.

    There are LOTS of times where I need small, technical things done on my site. But now I'm afraid to use fiver for anything. And my question is... what do YOU guys do? The "responsible" webmasters that is. If I need some coding done that I can't do myself, am I safe using fiver, changing all my passwords after, then just let Sucuri monitor the sites?

    I'm still doing a lot of reading on the Sucuri blog. I'm going to get a free password manager to make things easier. But what I'd love to know, is there some type of plugin that can analyze and report ANY changes that are made to my code? If I need to hire someone on fiver to change something, I wanna make sure they're not doing anything shady on my sites. And I still have to install Sucuri's plugin, but will that plugin tell me if someone is changing code on my site? Is Sucuri's website monitoring good enough to prevent problems in the future?

    -BB
     
  2. MyPasswordIs1234

    MyPasswordIs1234 Registered Member

    Joined:
    Mar 4, 2014
    Messages:
    96
    Likes Received:
    76
    Next time use someone reliable... like a hackforum vendor or something.
     
    • Thanks Thanks x 1
  3. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Premium Member

    Joined:
    Nov 10, 2012
    Messages:
    10,112
    Likes Received:
    28,533
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    I try to fix most things myself as I like to learn and enjoy overcoming problems.
    I would only pay somebody else if I felt it was way beyond my capabilities or was going to take an excessive amount of time.
    I would never trust anybody from Fiverr with my server details.

    Add WordFence Plugin https://wordpress.org/plugins/wordfence/
    There are many security plugins but this one is great.
     
    • Thanks Thanks x 3
  4. ShadeDream

    ShadeDream Elite Member

    Joined:
    Nov 27, 2008
    Messages:
    2,209
    Likes Received:
    5,230
    Location:
    He who laughs last, laughs longest.
    Is it me or did this read like a Sucuri ad?
     
  5. ranavex

    ranavex Newbie

    Joined:
    Jun 1, 2013
    Messages:
    28
    Likes Received:
    2
    Occupation:
    SEO!
    Home Page:
    I worked in fiverr but its quite unusual that top rated sellers disappointed their clients!
    Feeling poor to them...
     
    • Thanks Thanks x 1
  6. BreaknBrix

    BreaknBrix Power Member

    Joined:
    Mar 25, 2014
    Messages:
    751
    Likes Received:
    4,189
    Location:
    NE US
    Am I the only one wondering why a jr exec doesn't know the difference between an "ad" and a REFERRAL?

    Hell yes I recommend their service. I strongly, passionately and fervently recommend it. Does that annoy you? Great, I don't care. I called godaddy 3 f#cking times, my brother who's an engineer for At&t and jokingly asked for $1000 to fix this shit, fiver idiots who didn't do a thing..... sucuri were the only people who helped me fix this shit.

    Sucuri sucuri sucuri.
     
  7. pxoxrxn

    pxoxrxn Supreme Member

    Joined:
    Dec 21, 2011
    Messages:
    1,397
    Likes Received:
    2,066
    Why do you get them to do a simple job like moving your website? I can show you how to do this if you like, it takes a couple of minutes depending on how big your website is and if you have SSH access.
     
    • Thanks Thanks x 1
  8. Methodone

    Methodone Junior Member

    Joined:
    Oct 10, 2012
    Messages:
    108
    Likes Received:
    25
    Location:
    Israel
    fiverr is not like 5 bucks?
     
  9. ziplack

    ziplack Senior Member

    Joined:
    Feb 18, 2010
    Messages:
    1,193
    Likes Received:
    603
    Location:
    BHW
    daily backups its the key. You can restore a website in 20 mins
     
  10. antichrist

    antichrist Jr. VIP Jr. VIP

    Joined:
    Aug 21, 2012
    Messages:
    1,722
    Likes Received:
    2,070
    Location:
    On top of the world!
    I use fiverr to speed up my sites, which has worked great for me. The one and only time I had a hacked website, I just got my host to restore an older backup, updated everything and it never happened again.

    Sucks when it happens, but I am glad you got it figured out.

    As for the comment about an ad, LOL. Common, if you have ever had something shocking happen to one of your sites and someone helps you fix it, you are fucking grateful, which is what this post it.
     
  11. BassTrackerBoats

    BassTrackerBoats Moderator Staff Member Moderator Jr. VIP

    Joined:
    Mar 10, 2010
    Messages:
    12,731
    Likes Received:
    21,939
    Occupation:
    I don't actually have a job
    Location:
    It's an Algo, of course it can be gamed.
    Home Page:
    There are a bunch of guys right here that can do those sorts of things and at the same rate you paid the fiverr guy, maybe even better $.

    Next time post here and you'll get a guy that is accountable and reasonable.

    For tech stuff I have guys on staff but for things like moving sites, etc, I have always had very good luck hiring from here.

    In addition to getting a better quality guy, you get a guy that has to do right by you or he could end up dealing with Old Salt in a way he would rather not.
     
    • Thanks Thanks x 2
  12. ttrox

    ttrox Regular Member

    Joined:
    Jun 28, 2013
    Messages:
    217
    Likes Received:
    75
    No, I wouldn't trust Fiverr with a site/server's password TBH. There's always honest people, and that really know their stuff, but chances are that most don't really know how to solve tough problems and will only clean superficial problems such as you say.

    Like W130SN suggested, WordFence is quite a good plugin, but it still isn't perfect (there is no such thing as a perfect malware detection tool). When I once had a breach on one of my sites (because of a outdated plugin that doomed probably around 8% of wordpress installations), it helped identifying a few suspiciously modified files, but then you have newly created files which leave open doors for everyone to fuck up your site, and it can't detect. You have to start using other tools to help find these.

    If you ever have any problem, feel free to post over here and we might be able to help.
     
  13. coitza

    coitza Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 26, 2007
    Messages:
    2,565
    Likes Received:
    609
    Occupation:
    freelancer
    Home Page:
    Well....not sure how you ever considered using fiverr for that, besides the obvious never give your passwords to strangers or friends or family.... how much work do you think he would have put in this for $5 ? removing bad stuff from a hacked site is usually not a 10 minute job unless you have a full backup of clean files and databases and just switch everything.

    Also, did you try asking your hosting support to do this, only time this happened to me, I contacted support and they got it sorted for me in a couple of hours...this might depend on the hosting provider though.