1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WEBSITE HACKED: Worst virus ever!!! :@ :(

Discussion in 'Black Hat SEO' started by ardley216, Nov 4, 2011.

  1. ardley216

    ardley216 Elite Member

    Joined:
    Mar 28, 2008
    Messages:
    2,391
    Likes Received:
    2,356
    Occupation:
    Finding easy keywords
    Location:
    1,500,000,000 Keywords Re
    Home Page:
    Yesterday.. I went to check on one of my websites and it wasn't loading properly. I was using the latest version of wordpress. No hacked plugins or anything. And nothing was showing up in the content area...

    Then all of a sudeen loads of error messages came up.. for example:

    taskmngr.exe wants to access your pc, yes, no.
    hundreds of those!

    then everything went to shit. hit the off button.. and to make sure.. ( as i was in uni) i went on one of the pc's there.. and same thing happened ( :D oops)..

    so then i started it up in safemode with no networking. and managed to save the most important files.. that being my music and BH stuff! ;) ... but even then the virus was converting allllll files to "£"%$^£%& - 223,315,6342 kb "

    so yeahh last night was a frantic night of formatting my laptop, and reinstalling all the cracked adobe stuff and cracked SEO stuff I had on there before...

    I would like to know HOOOW they did it?! and that website was generating 300 uv a day. did they all get the same thing?
     
  2. GloCk99

    GloCk99 Regular Member

    Joined:
    Mar 12, 2009
    Messages:
    368
    Likes Received:
    224
    Location:
    The BigSmoke

    you said it.
     
    • Thanks Thanks x 2
  3. browsing_hosts

    browsing_hosts Regular Member

    Joined:
    Nov 12, 2010
    Messages:
    360
    Likes Received:
    341
    Occupation:
    Student at Uni + IM on side
    Location:
    London
    Are you sure the virus is coming directly from your site? Does it still happened if you was to visit the site again?
     
  4. bbrez1

    bbrez1 Power Member

    Joined:
    Feb 21, 2009
    Messages:
    675
    Likes Received:
    2,360
    google antivirus software
     
    • Thanks Thanks x 1
  5. Xellon

    Xellon Regular Member

    Joined:
    Apr 22, 2011
    Messages:
    287
    Likes Received:
    51
    Occupation:
    Soldier
    Location:
    The future, year 2036
    Home Page:
    Always have an AV in handy running on your computer :)
     
  6. ardley216

    ardley216 Elite Member

    Joined:
    Mar 28, 2008
    Messages:
    2,391
    Likes Received:
    2,356
    Occupation:
    Finding easy keywords
    Location:
    1,500,000,000 Keywords Re
    Home Page:

    Right.. Good for you.

    And, before you say that, I only use stuff that is shared on BHW and reputable adobe stuff.

    Are you saying that the files on BHW are malicious?

    And why are ALL my other websites fine?




    I don't really appreciate those sarcastic remarks after losing ALL my sleep and ALL my data. No offence.
     
  7. ardley216

    ardley216 Elite Member

    Joined:
    Mar 28, 2008
    Messages:
    2,391
    Likes Received:
    2,356
    Occupation:
    Finding easy keywords
    Location:
    1,500,000,000 Keywords Re
    Home Page:
    Not sure, Hostgator removed it within 30 mins. Was hacked once before, by some turkish group.

    Im not sure its still there. I assume it's gone. but yes definitely from my site, messed up a uni computer.

    I do. It ran from some javascript. and instant crash.
     
  8. tnhomestead

    tnhomestead Regular Member

    Joined:
    Oct 9, 2011
    Messages:
    385
    Likes Received:
    253
    Location:
    Tenneessee USA
    Home Page:
    What happened the first time? Bet they left some backdoors and thats what happened this time. I always wipe a site clean and reinstall for that reason. Good luck!
     
  9. ardley216

    ardley216 Elite Member

    Joined:
    Mar 28, 2008
    Messages:
    2,391
    Likes Received:
    2,356
    Occupation:
    Finding easy keywords
    Location:
    1,500,000,000 Keywords Re
    Home Page:
    Dude are you blind?... Did you even read what I said? The only stuff is from BHW and CLEAN adobe stuff.

    It was from the website. NOT MY LAPTOP. Cool. :) I think you understand now.
     
  10. Gammbyt

    Gammbyt Newbie

    Joined:
    Oct 12, 2011
    Messages:
    41
    Likes Received:
    66
    This is all in hindsight now, but to help deter this from happening on your computer in the future I would recommend installing some VM software and just doing any browsing from inside the virtual machine. I would also run any questionable programs inside the virtual machine until you are sure it is safe. That way if something happens you can just delete the virtual machine and your pc should be ok still (just have to reload a new instance of the VM).

    It's hard to say exactly how they did it, but if it affected your personal pc and another one you used from the university then chances are it had the potential to do the same to everyone else who accessed the site, unless they had maybe a script blocking program installed. NoScript on Firefox has saved me a couple of times :)
     
  11. sfidirectory

    sfidirectory Senior Member

    Joined:
    Mar 29, 2010
    Messages:
    899
    Likes Received:
    483
    Occupation:
    Web developer/BTC enthusiast
    Location:
    php artisan make:migration
    Home Page:
    What about all the hackers over in HackForums.com lol. I can't really elaborate on what they talk about here as discussing hacking is against BHW t.o.s but I presume most of you are familiar with them....