My domain got hacked!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • LavenderLounge
    Confirmed User
    • Apr 2006
    • 110

    #1

    My domain got hacked!

    A friend called this morning to tell me my domain, Lavender Lounge dot com got hacked. When I checked, sure enough, there was an image of a gnarling dog and this text:

    .:[ LegijaOne Ownz you! ]:.
    .:[ by FDCR3W ]:.
    .:[ H3LLdOgz on the NET! ]:.

    I opened my ftp program and found that my "index.html" file had been renamed "xxxindex.html" and there was a new file named "index.php" with that image imbedded.

    All I needed to do was delete those weird files and re-load the right file, and it seems to be alright for now.

    I called my host, Webair, and they are checking for security leaks.

    I am curious to find out the how's and why's. Has this happended to any of you before?
    LavenderLounge.com - a FUN gay site!
    LAVENDER LOUNGE AFFILIATE PROGRAM: http://nats.mygaycash.com/track/1271...6.47.0.0.0.0.0
    VintageBareback.com - gay porn 1950s-1970s
    MuscleBearCub.com - Unique niche
    AFFILIATE PROGRAM FOR VINTAGE BAREBACK AND MUSCLE BEAR CUB: http://www.lavenderlounge.biz
  • minusonebit
    So Fucking Banned
    • Feb 2006
    • 7391

    #2
    Defacement. Hackers do it for kicks.

    At least your hacker was nice enough to leave your files intact and not do rm -rf on your root directory.

    Change all of your passwords. Make sure you are using something secure for a password (Firefox's secure password generator plugin with an 18 char password is a good start) and then jump all over your host. Also, if you run a forum, be sure you have updated to the most recent version. Forums (esp. phpBB) are great entry points for hackers.

    Comment

    • pornguy
      Too lazy to set a custom title
      • Mar 2003
      • 62912

      #3
      Webair??? Dman I would expect more from thier stuff.
      PornGuy skype me pornguy_epic

      AmateurDough The Hottes Shemales online!
      TChicks.com | Angeles Cid | Mariana Cordoba | MAILERS WELCOME!

      Comment

      • madawgz
        8.8.8.8
        • Mar 2006
        • 30509

        #4
        doesnt look like the domain got hacked, but the hosting got hacked

        they have clans doing that for fun ... see who can do the most defacements...
        TAEMDLRMSKRJIXMRLSMRJ.

        Comment

        • juve20
          Confirmed User
          • Feb 2005
          • 2542

          #5
          shit happens!

          cheers
          tony
          Monetize your site with AdBrite! Monetize your site with AdBrite!

          Comment

          • SmokeyTheBear
            ►SouthOfHeaven
            • Jun 2004
            • 28609

            #6
            maybe your blog software .. what do you use for your blog ? version ?
            hatisblack at yahoo.com

            Comment

            • HairToStay
              Confirmed User
              • Oct 2002
              • 1521

              #7
              What programs do you run on the site? What scripts?

              There is supposedly a new exploit in Apache but so far I haven't been able to track down specifically what it is, what versions it affects, or how it is executed.
              Make bank by giving your surfers free pics every day and it costs you NOTHING! Use POTD Sponsors to find adult sponsors in more than 75 niches who offer a POTD feature!

              Comment

              • thricer
                Confirmed User
                • Dec 2005
                • 5324

                #8
                you got to hire some security guy to watch out for you server...
                None So

                Comment

                • LavenderLounge
                  Confirmed User
                  • Apr 2006
                  • 110

                  #9
                  The blog is done with Moveable Type 3.01. Otherwise, the rest of the site is all done in very simple html. I wouldn't know php from pcp, except they both give me a headache.

                  I had a little javascript on the page from SexMoney that redirected foreign language users. Could that be the problem?
                  LavenderLounge.com - a FUN gay site!
                  LAVENDER LOUNGE AFFILIATE PROGRAM: http://nats.mygaycash.com/track/1271...6.47.0.0.0.0.0
                  VintageBareback.com - gay porn 1950s-1970s
                  MuscleBearCub.com - Unique niche
                  AFFILIATE PROGRAM FOR VINTAGE BAREBACK AND MUSCLE BEAR CUB: http://www.lavenderlounge.biz

                  Comment

                  • Vox
                    Confirmed User
                    • Mar 2002
                    • 2710

                    #10
                    Originally posted by LavenderLounge
                    The blog is done with Moveable Type 3.01. Otherwise, the rest of the site is all done in very simple html. I wouldn't know php from pcp, except they both give me a headache.

                    I had a little javascript on the page from SexMoney that redirected foreign language users. Could that be the problem?

                    There's the culprit: MT 3.01
                    You need to upgrade to 3.2 ASAP, I've had the same thing happen to me back in November using an older version of MT
                    Social profile assassination for hire

                    Comment

                    • SmokeyTheBear
                      ►SouthOfHeaven
                      • Jun 2004
                      • 28609

                      #11
                      Originally posted by Vox
                      There's the culprit: MT 3.01
                      You need to upgrade to 3.2 ASAP, I've had the same thing happen to me back in November using an older version of MT
                      hatisblack at yahoo.com

                      Comment

                      Working...