1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Ok . . . WTF?

Discussion in 'BlackHat Lounge' started by ddub1218, Jul 2, 2009.

  1. ddub1218

    ddub1218 Newbie

    Joined:
    Apr 19, 2009
    Messages:
    31
    Likes Received:
    6
    Location:
    Minnesota
    Well, got home tonight from work, and decided that I would visit a site of mine to check up on the stats. Lone and behold, I get a page that says "This Account Has Been Suspended." So now I'm thinking GREAT, no money made today... I contact BlueHost's support, and they claim that there is a file in the directory that is being used to scam other sites or something. I checked my email just now, and I get THIS email (look below)

    Now, this got me thinking... Ironically enough, a few months ago my site was "hacked." The index.php file was changed, and whatever else the person did in my FTP is unknown. I contacted BlueHost support but there wasn't anything they could do for me, sadly. I have an eery suspicion that the hack that took place a few months ago may have implemented the file into my site.

    Any thoughts?
     
  2. KodiakApprentice

    KodiakApprentice Newbie

    Joined:
    Apr 13, 2009
    Messages:
    11
    Likes Received:
    16
    My thoughts would be this... Respond saying your site was hacked it should be on file with bluehost that you reported it... then strip the site down and replace it with a back up that you should have that was not modified by a hacker
     
    • Thanks Thanks x 1
  3. ddub1218

    ddub1218 Newbie

    Joined:
    Apr 19, 2009
    Messages:
    31
    Likes Received:
    6
    Location:
    Minnesota
    I contacted customer support, and they said that once the file was removed that they would put the site back up. The email said that they had my site shutdown.

    Ugh, SO frustrating!
     
  4. khan0

    khan0 Registered Member

    Joined:
    Jul 16, 2008
    Messages:
    75
    Likes Received:
    17
    Location:
    Toronto
    I would still consider you lucky - your host is still cooperating with you. I have had a whole dedicated server taken down because of the same old shit. Some dude was apparently sending out thousands of emails everyday, and they were all phishing emails as well.

    Had to get my PHP scripts checked and server reinstalled. Good luck.
     
    • Thanks Thanks x 1
  5. ddub1218

    ddub1218 Newbie

    Joined:
    Apr 19, 2009
    Messages:
    31
    Likes Received:
    6
    Location:
    Minnesota
    Yeah man, they say I should go through every php script I have hosted on it. That would be a weeks worth of work!
     
    Last edited: Jul 2, 2009
  6. Laser

    Laser Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 29, 2008
    Messages:
    822
    Likes Received:
    369
    Occupation:
    internet marketer
    Location:
    Exploiting the Net
    Home Page:
    that's not cool,,,
     
  7. ddub1218

    ddub1218 Newbie

    Joined:
    Apr 19, 2009
    Messages:
    31
    Likes Received:
    6
    Location:
    Minnesota
    I know right?! I know this may sound lame, but I am mega scared right now. I am sure that if the bank really wanted to, they could file some sort of lawsuit since a file from MY site has been scamming THEIR customers.
     
  8. ForeverNever

    ForeverNever Power Member

    Joined:
    Sep 17, 2008
    Messages:
    727
    Likes Received:
    365
    Just comply with everything they say and don't try and be a badass. Stay outta court and follow their instructions.
     
    • Thanks Thanks x 1
  9. heiny

    heiny Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    227
    Likes Received:
    103
    Yeh you're lucky. You dont mess with RSA. If you do they'll take further actions, so noone dares to piss against the wind!
     
  10. khan0

    khan0 Registered Member

    Joined:
    Jul 16, 2008
    Messages:
    75
    Likes Received:
    17
    Location:
    Toronto
    @behere,

    If you are on shared hosting, most likely their servers are hardcore secured unless you are dealing with low-level hosts. But if you are hosted with HostGator or such, I am sure that they spend enough money to secure their servers.

    When I had this problem, it was due to a vulnerability in a PHP script. Regularly scanning your computer is also a good idea, maybe your computer is part of a huge bad-ass b0tnet :eek:
     
  11. nullacceptance

    nullacceptance Registered Member

    Joined:
    Nov 27, 2008
    Messages:
    86
    Likes Received:
    4
    Occupation:
    dig $$$$ online! :)
    about the lawsuit.. i believe you don't have to worry.
    if your site was really hacked, and the hacker used your site in doing the spamming - of such bank's clients.
    send them a response and tell them the truth, i believe you are armed with proofs to present to them that some hacker did the spamming, not you. emphasize that you're also a victim and promise to do the necessary action not to happen this again. thank them also for sending you the email, with that you got informed (alarmed also) that your site was hacked and was used without your knowing.
    i believe that way, they will find you sincere and honest.
     
  12. housemusic

    housemusic Regular Member

    Joined:
    Jan 27, 2009
    Messages:
    389
    Likes Received:
    72
    Occupation:
    Jan 2009
    Location:
    Jan 2009
    the hacker uploaded a phising page, mailer or something like that...
     
  13. Rob the Builder

    Rob the Builder Regular Member

    Joined:
    Nov 12, 2005
    Messages:
    243
    Likes Received:
    121
    just similar experience with bluehost

    a facebook clone.....on a subdomain

    a zanga poker site.......same

    a bank phsihing site

    all uploaded somehow..

    all i have on there is two wp autoblogs.

    I'v had dedicated servers for years and never had this. Bluehost must be wide open.