Got Hacked!
 

Damn, what a way to wake up. All 7 of my WP tube sites got hacked! :mad:

I have some stupid Moracan Islamic Union-Mail and a facebook icon on my sites!

I hope my host can recover my sites!

Ouch, sorry to hear this Brother :( hope the server has a recent backup and quick recovery!!

that islamic moroco guys are super boring, cant imagine them hacking and goats around ...

Sorry to hear this:mad:

Where did you get your templates/plug-ins from? - Only download from a 100% trusted source - Lots will inject all sorts of of crap...

I hope so too!

4 of the sites were wpXtube using their templates and adultsiteskins.com templates. The others were tube ace plugin using adultsiteskins.com templates.

The other plugins were from WP site like counterize, sitemap, etc

Thanks. I hope my host can fix my sites.

damn, hope you have best luck recovering all sites

Good luck, keep us posted.

I assume sites like adultsiteskins are fine - They would have been found out by now if there was an issue - PlugIns from the WP repository should be OK, look at the URLs as you install them - All you can do other than that is make sure you have the latest everything...

Don't use betas' or even RC's on production servers unless you are advised to for a particular reason by someone you trust - Your servers are even more precious than your PC at home or office - Treat them way - That tiny file on your server could be more damaging than a full blown virus on your work network...

sorry to hear. ,
i hope your host has everything backed up . if not you are screwed.

If you need a sysadmin/ security guy, hit me up. Mine is good, and he is looking for a couple more contracts.

Every open source script is insecure.

Thanks!

Sure will.

Thanks for the advice.

I installed a plugin not to long ago from the Warrior Forum. A developer needed reviewers on their before they listed on the WSO part of the site. This could have been the issue.

I hope so too. If not, I'll just fucking rebuild. I wasn't making a lot of money with them anyway.

Thanks, I will let you know.

Hmm,i don't know i am hacked but a site where i have wpxtube deployed when loading,it redirect to domain instead domain.com,basically it remove .com for some reason.And other site on server...it's powered by tubeace lol.But that domain works fine.

I hope you didn't get hacked too!

damn that's really bad start of your weekend

Dont care,that is why i holding on special vps sites powered by not-so-secure scripts.Ah never mind it seems i added bad redirect into httpd settings which caused that problem.But i will ditch that script for every case.

Armysmoke shoot me an email david at xxxc.am / it'll take me 5 min to find and fix the hack.

:thumbsup:thumbsup

It sounds like you know the problem - Would you care to share?..

All the files are gone except for an index.php and an arp.php.

I have no backups on my computer (I know, I'm an idiot). Hoping that my hosting company has a backup.

Got a message from my hosting company just now.

They are looking into it.

lets just hope that your host was doing daily or even at minimum weekly backups, at least that will give you something back, then update everything and even see if your host has the logs to see what, when and how it happened

You are not idiot,you playing hardcore mode.

damn, that sucks. I cross fingers regarding the backup!1

I hope it gets solved.. :Oh crap

hope this will sort out very soon

The host is loading backups from 5 April. Not to bad I guess. It could have been worse.

Thanks, it should be getting fixed now.

Thanks!

Thanks!

switch to tube X

im pushing some 10k+ sites on it :thumbsup 0% bought traffic

I rename the wp-login.php on my wordpress sites and rename it back when I need to login. I still see bots trying to access it. Do you protect the wp-login.php file?

Thanks for the notice. I am keeping an eye on my wpxtube site.

Also think about switching to hostgator. Nobody will be able to access your sites.

Still trying to fix it eh? Any luck?

Not really, but I do abuse work for a server administration company. Deal with this kind of stuff often.

rotsa ruck :winkwink:

https://scontent-a-sjc.xx.fbcdn.net/...64998286_o.jpg



Never heard of them...their focus appears to be grievances with non-Islamic, mostly African governments (Angola, Mozambique, South Africa, etc, although I saw that they hit the Italian government too).

http://4.bp.blogspot.com/-3PNFdFfnV8...il-hackers.jpg

Religious kooks... :mad:

:stoned

ADG

its not always the wp-login.php used to gain access to your wp.
there are mo re than that, like
rfi ,rce vulnerability


*make sure wp + plugins + themes are up to date
*and make sure to get them from repuatble sources /from anthers .

harden the os, and you can just chmod the wp-login file with 000 no need to rename eveytime.

hope u have no virus inside ur web hosting account

good luck cleaning the house :winkwink:

Good tip. Thanks!

:1orglaugh

hacking doesn’t require that much unless are super hacker .. u may need at least 10 yrs to become one

i was in HF for not a short time but i didn’t like how they treat members / very disrespectful

Maroccans are Pro in hacking :-) just watch Out
usualy they attack france.
but they are really Geunis

moroccan alert ^^ :1orglaugh