Well, got home tonight from work, and decided that I would visit a site of mine to check up on the stats. Lone and behold, I get a page that says "This Account Has Been Suspended." So now I'm thinking GREAT, no money made today... I contact BlueHost's support, and they claim that there is a file in the directory that is being used to scam other sites or something. I checked my email just now, and I get THIS email (look below) Now, this got me thinking... Ironically enough, a few months ago my site was "hacked." The index.php file was changed, and whatever else the person did in my FTP is unknown. I contacted BlueHost support but there wasn't anything they could do for me, sadly. I have an eery suspicion that the hack that took place a few months ago may have implemented the file into my site. Any thoughts?
My thoughts would be this... Respond saying your site was hacked it should be on file with bluehost that you reported it... then strip the site down and replace it with a back up that you should have that was not modified by a hacker
I contacted customer support, and they said that once the file was removed that they would put the site back up. The email said that they had my site shutdown. Ugh, SO frustrating!
I would still consider you lucky - your host is still cooperating with you. I have had a whole dedicated server taken down because of the same old shit. Some dude was apparently sending out thousands of emails everyday, and they were all phishing emails as well. Had to get my PHP scripts checked and server reinstalled. Good luck.
Yeah man, they say I should go through every php script I have hosted on it. That would be a weeks worth of work!
I know right?! I know this may sound lame, but I am mega scared right now. I am sure that if the bank really wanted to, they could file some sort of lawsuit since a file from MY site has been scamming THEIR customers.
Just comply with everything they say and don't try and be a badass. Stay outta court and follow their instructions.
Yeh you're lucky. You dont mess with RSA. If you do they'll take further actions, so noone dares to piss against the wind!
@behere, If you are on shared hosting, most likely their servers are hardcore secured unless you are dealing with low-level hosts. But if you are hosted with HostGator or such, I am sure that they spend enough money to secure their servers. When I had this problem, it was due to a vulnerability in a PHP script. Regularly scanning your computer is also a good idea, maybe your computer is part of a huge bad-ass b0tnet
about the lawsuit.. i believe you don't have to worry. if your site was really hacked, and the hacker used your site in doing the spamming - of such bank's clients. send them a response and tell them the truth, i believe you are armed with proofs to present to them that some hacker did the spamming, not you. emphasize that you're also a victim and promise to do the necessary action not to happen this again. thank them also for sending you the email, with that you got informed (alarmed also) that your site was hacked and was used without your knowing. i believe that way, they will find you sincere and honest.
just similar experience with bluehost a facebook clone.....on a subdomain a zanga poker site.......same a bank phsihing site all uploaded somehow.. all i have on there is two wp autoblogs. I'v had dedicated servers for years and never had this. Bluehost must be wide open.