1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

this site hacked my client site, when you want to order it send you to the hacker site !

Discussion in 'Black Hat SEO' started by webpfa, Jan 14, 2016.

  1. webpfa

    webpfa Power Member

    Joined:
    Mar 24, 2009
    Messages:
    593
    Likes Received:
    105
    Occupation:
    nothing
    Location:
    localhost
    Everytime a person try to order on my client site or when my client try to see the orders on the cubecart it redirect to here :
    http://healingfirstvalue.com/?

    The tipical generic indian pharmacy crap site . This people did it before with an almost an exactly site ( that now is offline ) . Besides cleaning my client site ( last time took more than a whole day to do it ) how the hell I can fuck this people ? They simple buy a domain for a year, when they are fucked they move to the next domain ( this one was register on December 30th 2015 ) . Can google fuck them ? their hosting ? Visa or MC ?

    THANKS !
     
  2. jamie3000

    jamie3000 Supreme Member

    Joined:
    Jun 30, 2014
    Messages:
    1,309
    Likes Received:
    586
    Occupation:
    Finance coder looking for semi-retirement
    Location:
    uk
    I'd focus on securing your websites rather than fucking people...

    What set up do you currently have? What stack and management software?
     
    • Thanks Thanks x 1
  3. webpfa

    webpfa Power Member

    Joined:
    Mar 24, 2009
    Messages:
    593
    Likes Received:
    105
    Occupation:
    nothing
    Location:
    localhost
    He use cubecart. And did not have the latest version, now it do not let me to update it. Any advice ?
    Also, he did not have pphb forum or other things installed.
    Thanks for your answer
     
  4. jamie3000

    jamie3000 Supreme Member

    Joined:
    Jun 30, 2014
    Messages:
    1,309
    Likes Received:
    586
    Occupation:
    Finance coder looking for semi-retirement
    Location:
    uk
    First of all decide if you want to try and find the hack/infection or just wipe everything and restore from backup. Personally I'd wipe it then reinstall and update everything. But if you dont want to do that...

    Well first of all I'd download and scan your site with a few different vulnerability scanners.

    Then I'd update EVERYTHING (backup first) from your OS updates to your cms + plugins

    Then reset ALL your password to strong passwords.

    Put intrusion detection software on the box

    Maybe harden it up with a few htaccess rules too
     
    • Thanks Thanks x 1
  5. SBC2012

    SBC2012 Jr. VIP Jr. VIP

    Joined:
    Dec 8, 2012
    Messages:
    125
    Likes Received:
    17
    Whatever theme they could have been using could have been vulnerable also, depending on where they go the download. You should check over everything, and like what was said above, fresh install/new passwords everywhere.
     
  6. dystopia

    dystopia Registered Member

    Joined:
    Jan 9, 2016
    Messages:
    74
    Likes Received:
    30
    Restore from backup, at least then you'll know your site is clean. If that doesn't fix it, just rebuild the site and this time update your stuff, if you can also enable auto update so it doesn't happen again if you forget.
     
  7. abyssal_miss

    abyssal_miss Power Member

    Joined:
    Jun 18, 2011
    Messages:
    617
    Likes Received:
    140
    i think someone was doing this to my site for a while. I have a wordpress with woocommerce. Any suggestions on plugins to detect if this is happening?
     
  8. SEO INC

    SEO INC Regular Member

    Joined:
    Oct 24, 2015
    Messages:
    307
    Likes Received:
    70
    Location:
    Search Metrico
    Resintalling from a backup is the best solution in such cases. Not long before google start displaying the malicious website notice in search results and that is the death-knell for an eCommerce site.

    Oh, and if you want to fuck them then you need to find out their affiliate account and go after it. They generally start feeling the heat when the affiliate company start receiving complaints, that is of course if they are interested in listening to your complaints.
     
    Last edited: Jan 16, 2016
  9. abyssal_miss

    abyssal_miss Power Member

    Joined:
    Jun 18, 2011
    Messages:
    617
    Likes Received:
    140
    can anyone recommend a good plugin for wordpress to check for any discrepancies in the code against the default, etc
     
  10. wowhaxor

    wowhaxor Elite Member

    Joined:
    Apr 28, 2007
    Messages:
    2,020
    Likes Received:
    3,361
    Location:
    ?¿?
    Home Page:
    All these people who have clients and their sites get fucked up and they want to hack people. How do these people even get clients in the first place? This is the second thread like this I read this week, I'd be pissed if I was paying money and my site got fucked up but even more pissed if the guy I paid wasn't learning what exploits were used/how to secure it in the future (hint its most likely an exploit in the generic CMS you used like WordPress or whatever ecommerce theme, this is why you update when vuln updates come out) but instead wanting to 'fuck' people. Super professional.
     
    • Thanks Thanks x 1
  11. UptonGoodwin

    UptonGoodwin Power Member

    Joined:
    Jan 11, 2012
    Messages:
    593
    Likes Received:
    268
    You're not going to one up these people. They are going to be hiding themselves layers deep behind proxies, using fake user information. If you spend the time you would have to spend to beat these hackers on just securing your site against these people. You will be better off.