Advertisements
Aquatic Avenue Banner Tropica Shop Banner Fishy Business Banner
Results 1 to 16 of 16

Thread: These Hackers are at it again

  1. #1
    Join Date
    Nov 2002
    Location
    India
    Posts
    36
    Feedback Score
    0
    Country
    India

    These Hackers are at it again

    Advertisements
    Fresh n Marine aQuarium Banner

    Advertise here

    Advertise here
    http://aquamarineshop.com/

    I went to this site now, and found that it was hacked.

    Click on admin and maybe someone can trace the hacker.

    I think it is the same hacker from Turkey who hacked into our website also http://www.indianaquariumhobbyist.com in July and gave us huge headaches.

    Will someone contact the owner and get the server shutdown.
    Last edited by vinz; 22nd Aug 2006 at 12:45. Reason: Fixed quotes and links.

  2. #2
    Join Date
    Jul 2002
    Location
    Beauty World
    Posts
    7,114
    Feedback Score
    0
    Images
    789
    Country
    Singapore
    Goodness!

    Are we at risk as well? Seems like the hacker likes aquatic sites.

    Cheers,
    I have dwarf cichlids in my tanks! Do you?

  3. #3
    Join Date
    Nov 2002
    Location
    India
    Posts
    36
    Feedback Score
    0
    Country
    India
    Yes, better take precautions and have in good security.

  4. #4
    Join Date
    Dec 2001
    Location
    Singapore, Singapore, Singapore
    Posts
    8,958
    Feedback Score
    1 (100%)
    Images
    104
    Country
    Singapore
    Thanks for the heads up.

    Update: I managed to get hold of AquaMarineShop and informed them.
    Vincent - AQ is for everyone, but not for 'u' and 'mi'.
    Why use punctuation? See what a difference it makes:
    A woman, without her man, is nothing.
    A woman: without her, man is nothing.

  5. #5
    Join Date
    Nov 2002
    Location
    India
    Posts
    36
    Feedback Score
    0
    Country
    India
    Thanks Vinz.

    I know how frustrating this can be.

    Especially an e-retailer. Poor Guys, my sympathies and Good Wishes for a speedy recovery.

  6. #6
    Join Date
    Oct 2005
    Location
    Hougang
    Posts
    3,747
    Feedback Score
    0
    Images
    199
    Country
    Singapore
    Also noticed quite some spam going around aquatic sites... And they are the same spam threads...
    ~ Vincent ~ Fishes calm your mind...
    http://www.flickr.com/photos/valice/





  7. #7
    Join Date
    Apr 2002
    Location
    Lurking somewhere in the west..
    Posts
    735
    Feedback Score
    6 (100%)
    Images
    64
    Country
    Singapore
    Is this the reason why AQ was down for a while since last night?

  8. #8
    Join Date
    Nov 2002
    Location
    India
    Posts
    36
    Feedback Score
    0
    Country
    India
    I reported the hacking in a few Singapore Forums so that the owner can be contacted quickly.

    know what?

    One of them Banned me!

  9. #9
    Join Date
    Aug 2003
    Location
    Spain
    Posts
    156
    Feedback Score
    0
    Images
    1
    Country
    Spain
    We had suffered an attack too in Spain some years ago, really this guy love aqua sites.


    Greets from Spain

  10. #10
    Join Date
    Jan 2006
    Location
    Wherever KNO3 is available!
    Posts
    1,297
    Feedback Score
    0
    Images
    19
    Country
    Singapore
    Looks like it's not actually a server hack. It's a mere removal of the index.php file through a script exploit... older versions of osCommerce has a vulnerability which equates to an SQL injection type method which allows the hacker to remove your files and deface your site.
    visit my photo albums @ flickr!

  11. #11
    Join Date
    Nov 2002
    Location
    India
    Posts
    36
    Feedback Score
    0
    Country
    India
    You maybe right Grey_fox. That is what must have happenned.

    This guy leaves behind script files all over the place in your system. So simply replacing your index.php file will not work. More over one does not know when he's left the other script files in place and then a few weeks later decided to show himself. Reverting to an older database backup puts him back in control.

    Reinstalling the OS and changing your CMS to a newer more secure version seems to be the only solution.

    These fellows are a bloody pain.

  12. #12
    Join Date
    Jan 2006
    Location
    Wherever KNO3 is available!
    Posts
    1,297
    Feedback Score
    0
    Images
    19
    Country
    Singapore
    He removed the index.php or index.* file as the site is showing its skeleton directory, he probably forgotten to rename that puc.php file to index.php or maybe did it on purpose.

    Unless its a server hack, the entire site or sites under that server will not be accessible. It's likely a CMS hack only. Open source CMS are especially open to such attacks, thus the importance of having the script updated from the developers from time-to-time.

    Server hacks are normally due to vulnerable kernels (assuming its on a *nix platform).

    The hosting company should do its part by checking up for kernel updates or vulnerability issues with its box (since most *nix platforms are open source as well).

    I would not say that these hackers are a pain, infact, it makes one take preventive steps in future, if you're running a business this is absolutely of importance. No one wants to shop at an online store where the entire sites' been hacked or defaced in this matter.... online purchases equates to one keying in sensitive-money-related information.

    Scripts like vBulletin (like what AQ is using) are commercialised so the developers take particular care of its coding and scripting (since its a source of revenue) so its the site owners' responsibility to be pro-active to any sort of updates the vBulletin should issue out.
    visit my photo albums @ flickr!

  13. #13
    Join Date
    Aug 2003
    Location
    Spain
    Posts
    156
    Feedback Score
    0
    Images
    1
    Country
    Spain
    How did I say in the above post we suffered an attack some years ago, when we used a old forum software. But this day we cann´t access to the forum, when you try come in, you only can see a white page.

    Here it is the link

    http://acuaforos.net/foros/index.php

    Maybe another attack?

  14. #14
    Join Date
    Jan 2006
    Location
    Wherever KNO3 is available!
    Posts
    1,297
    Feedback Score
    0
    Images
    19
    Country
    Singapore
    Hi Xema, that index.php page is blank (an empty file - 0 bytes) if you have the forum files still or if you don't just upload the index.php file up and you're good to go.
    visit my photo albums @ flickr!

  15. #15
    Join Date
    Jul 2006
    Location
    Simei
    Posts
    111
    Feedback Score
    1 (100%)
    Images
    4
    Country
    Singapore
    doesn't look like any data's been lost in the first site..

    index_promo's been changed though.. it looks interesting

  16. #16
    Join Date
    Dec 2001
    Location
    Singapore, Singapore, Singapore
    Posts
    8,958
    Feedback Score
    1 (100%)
    Images
    104
    Country
    Singapore
    Quote Originally Posted by Nicky
    Is this the reason why AQ was down for a while since last night?
    Nope... hardware issues at the host. We're looking for a new host.
    Vincent - AQ is for everyone, but not for 'u' and 'mi'.
    Why use punctuation? See what a difference it makes:
    A woman, without her man, is nothing.
    A woman: without her, man is nothing.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •