Quote:
|
Originally Posted by Linkster
Can your host provide logs as to how the script initially got on your server? This sounds like something that a lot of WMs have been experiencing lately that seems to be connected to a compromised sponsors affiliates password file where some have used the same password for a sponsor as they use on their server (not smart but it has happened).
What I would be looking for is an initial PUT where the guy just used ftp to get in with no real hack attempts(already knew the pass)
|
dude, no shit..I have 4 close friends recently that have had the EXACT same thing going on...and that is fucked up because I don't have that many friends, LOL...