1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

They hacked my site and redirecting traffic to their site - Any suggestion?

Discussion in 'Black Hat SEO' started by inamon, Jun 26, 2012.

  1. inamon

    inamon Regular Member

    Joined:
    Aug 10, 2010
    Messages:
    238
    Likes Received:
    158
    Occupation:
    Social Media Marketing
    Home Page:
    Fellow blackhatters.
    There must be many genius coders in this community to point this out. I was so frustrated seeing this happen.

    We have a pretty busy site with very active and engaged community here:
    hxxp://shareyt.com
    Which is a social media network building site.


    I found someone hacked the site and was redirecting all traffic to
    hxxp://www.likestraffickers.com
    This is stealing, i would say robbing and I am also adding this page to blackhatorld's shitlist.

    I could regain control of my site by reversing back the files to previous version.
    But this is happening repeatedly. somehow they are changing the codes.

    Can anyone suggest me how to prevent this? I can give you some more details in PM,

    On the other hand, will it be unfair if I ask some volunteers to take it like a game to stand for me and send a message to this site owner by counterattacking their site.

    All the best.
     
  2. buttulgly

    buttulgly Junior Member

    Joined:
    Nov 25, 2010
    Messages:
    123
    Likes Received:
    40
    Why do you assume it is them? It could just as easily be another site wanting to screw you around and they just picked that site randomly.

    As to what to do next, try changing your host's login details for starters.
     
  3. theAngle

    theAngle Junior Member

    Joined:
    May 19, 2012
    Messages:
    118
    Likes Received:
    53
    Occupation:
    Web Developer
    I accessed your site and there is no redirection. If someone hacked you site the way you said, then they insert a script in your host to redirect your site to another place, but this is not happening.

    If that were the case you should get inside your host and remove the script, but as I said, this is not happening, your traffic is okay.
     
    Last edited: Jun 26, 2012
  4. ButcherPete

    ButcherPete Regular Member

    Joined:
    Jan 10, 2012
    Messages:
    284
    Likes Received:
    281
    Occupation:
    Factory supervisor; internet marketer in training
    Location:
    Ohio
    If you can confirm that the owners of this site are actually the ones doing this, report it to their webhost. Also report it to their affiliate or ad network if they are using one. Affiliate/ad networks DO NOT like being associated with activity like this.

    But again, make sure it's them first. Like buttulgly pointed out in his post, it could just be someone else making that site into a scapegoat, and it would be a shame to ruin their hard work because the facts weren't checked first.
     
  5. inamon

    inamon Regular Member

    Joined:
    Aug 10, 2010
    Messages:
    238
    Likes Received:
    158
    Occupation:
    Social Media Marketing
    Home Page:
    There is high possibility that the guys behind this site hacked us because, they are direct competitors. This happened repeatedly.
    And why would someone else hack the site and redirect to a random site?
    For the least, the intention of the hacker can be driving traffic to that site to generate affiliate signups.
     
  6. inamon

    inamon Regular Member

    Joined:
    Aug 10, 2010
    Messages:
    238
    Likes Received:
    158
    Occupation:
    Social Media Marketing
    Home Page:
    Yes, its okay now.
    It was first priority to fix the site.. So I've fixed this first then made this post.

    Anyway, can you guys have any idea how someone could hack? Do you see any vulnerability that we could work on and strengthen security?
     
  7. katkoute

    katkoute Regular Member

    Joined:
    Feb 22, 2012
    Messages:
    253
    Likes Received:
    118
    Occupation:
    Iming All Day
    Location:
    Morocco Mall
    hire someone here to help u a lot of guys here are good at that
     
  8. deviatus

    deviatus Power Member

    Joined:
    May 25, 2007
    Messages:
    517
    Likes Received:
    387
    Change web hosts and scan your code.
     
  9. rippy

    rippy Regular Member

    Joined:
    Sep 24, 2008
    Messages:
    398
    Likes Received:
    131
    Location:
    Euro - Ozzie
    Is it a wordpress? They are easily hackable at first.
    Better WP Security is a decent plugin.
     
  10. theAngle

    theAngle Junior Member

    Joined:
    May 19, 2012
    Messages:
    118
    Likes Received:
    53
    Occupation:
    Web Developer
    I tried some techniques that I know to hack your site, but I couldn't. Maybe, they know better techniques than mine.

    Have you changed your log-in credentials, already?
     
    • Thanks Thanks x 1
  11. kaloqq

    kaloqq Junior Member

    Joined:
    Nov 3, 2011
    Messages:
    119
    Likes Received:
    35
    Location:
    Bulgaria
    We can take them down... We can find more sites that they have, take all of them down. Then when they upload the back up we do it again.

    Generally, that is very stupid to hack someone and redirect. I was thinking to do something similar then I get sober and realize that is extremely stupid idea...
     
  12. inamon

    inamon Regular Member

    Joined:
    Aug 10, 2010
    Messages:
    238
    Likes Received:
    158
    Occupation:
    Social Media Marketing
    Home Page:
    Thanks for the help.
    Yes, previously we changed login info but they/ someone hacked in again. Definitely they dont need login info to get access. May be its something else.

    I've also tried mysql injection trying to hack own site, but I didnt find any vulnerability either.
     
  13. kaloqq

    kaloqq Junior Member

    Joined:
    Nov 3, 2011
    Messages:
    119
    Likes Received:
    35
    Location:
    Bulgaria
    And still you can add some special symbols restriction for the fields that you don't need them.

    Is your contact form connected with your e-mail or you are receiving the messages onsite?

    Could you give permissions to particular users? If yes then check which users what permission does have.
     
    • Thanks Thanks x 1
  14. theAngle

    theAngle Junior Member

    Joined:
    May 19, 2012
    Messages:
    118
    Likes Received:
    53
    Occupation:
    Web Developer
    Do you have .htaccess file installed on your served? Well set up, to lock all directories? This is the best way to avoid any hacking!
     
  15. LikesTraffickers

    LikesTraffickers Newbie

    Joined:
    Jun 27, 2012
    Messages:
    1
    Likes Received:
    0
    Hello,

    I'm the owner of LikesTraffickers, as ButcherPete said how do you know that WE, the site owners done that, redirect your site to ours?

    We got alot of complains about this matter, from webmasters that saying that we hack they'r sites, and the answer is simple:

    We work with money and coins on our site and we have a affiliate program that people can earn money and coins thru this program, we counght a user of our site doing what happend to you site, redirecting other sites to his referal link, so we have banned this user.

    As well WE got hacked the same way and got redirected to other website, but our programmer has fixed the hole and now the site is okey.

    I hope that i make my self clear about this matter, you can't blame us for hacking your website, or if you do it, do it right, come with some proves showing that WE hacked your site.

    I want you to delete this post or anything about LikesTraffickers that make us look bad if you don't have any proves.

    Thank you and i hope you fix your site.
     
    Last edited: Jun 27, 2012
  16. inamon

    inamon Regular Member

    Joined:
    Aug 10, 2010
    Messages:
    238
    Likes Received:
    158
    Occupation:
    Social Media Marketing
    Home Page:
    @LikesTraffickers
    Please give details in PM.
    Give credentials of your member who were hacking different websites.
    We need to verify. We too have referral system and pay for signups, and the same member most probably has already signed up for our site. But we havent got complains from other webmasters about his hacking and redirecting to our site.
    So looks like he is hacking and redirecting to your site only.
    Why?
     
  17. envy117

    envy117 Newbie

    Joined:
    Jun 27, 2012
    Messages:
    14
    Likes Received:
    2
    This is a serious offense, you could always sue or use the threat of a lawsuit
     
  18. Dumper

    Dumper Supreme Member

    Joined:
    Mar 20, 2009
    Messages:
    1,391
    Likes Received:
    485
    Location:
    Perdido Key
    Nope, not making any sense...

     
  19. illfounded21

    illfounded21 Senior Member

    Joined:
    Dec 19, 2011
    Messages:
    1,147
    Likes Received:
    1,168
    Location:
    UK
    Hmm, not sure about this response.
     
  20. magomago

    magomago Newbie

    Joined:
    May 8, 2010
    Messages:
    35
    Likes Received:
    7
    Location:
    Everywhere
    It does sound like hacking. Especially, after reading the badly written reply. Wanting to completely cover up something seems more suspicious to me.

    My suggestion is to change your webhost. If you've changed your login credentials and they are still getting in, and you've checked your site code (with a virus scan and for other various Mysql injection vulnerabilities)... Then it would appear more as they are getting in from the webhost itself. (Not sure whom you host with.) But sometimes smaller hosts are more vulnerable to attacks.

    Took another look at your site... Some directories are open to directory browsing. (That's a no-no.) Put blank index.php files in your folders that do not have them. (Or shut off directory browsing through .htacess.) Also, you might want to be sure that you set up where no domains can link and use your file. A handy trick to get database information I've done in the past was to set up a mysql dump and direct my file to use the config.php of another site. This would give me access to everything I wanted. Be sure to look for suspicious files as well, because if they have a file in your directory somewhere they can simply continue to deface your site.
     
    • Thanks Thanks x 1