Goodness!
Are we at risk as well? Seems like the hacker likes aquatic sites.
Cheers,
http://aquamarineshop.com/
I went to this site now, and found that it was hacked.
Click on admin and maybe someone can trace the hacker.
I think it is the same hacker from Turkey who hacked into our website also http://www.indianaquariumhobbyist.com in July and gave us huge headaches.
Will someone contact the owner and get the server shutdown.
Last edited by vinz; 22nd Aug 2006 at 12:45. Reason: Fixed quotes and links.
Goodness!
Are we at risk as well? Seems like the hacker likes aquatic sites.
Cheers,
I have dwarf cichlids in my tanks! Do you?
Yes, better take precautions and have in good security.
Thanks for the heads up.
Update: I managed to get hold of AquaMarineShop and informed them.
Vincent - AQ is for everyone, but not for 'u' and 'mi'.
Why use punctuation? See what a difference it makes:A woman, without her man, is nothing.
A woman: without her, man is nothing.
Thanks Vinz.
I know how frustrating this can be.
Especially an e-retailer. Poor Guys, my sympathies and Good Wishes for a speedy recovery.
Also noticed quite some spam going around aquatic sites... And they are the same spam threads...
Is this the reason why AQ was down for a while since last night?
I reported the hacking in a few Singapore Forums so that the owner can be contacted quickly.
know what?
One of them Banned me!
Looks like it's not actually a server hack. It's a mere removal of the index.php file through a script exploit... older versions of osCommerce has a vulnerability which equates to an SQL injection type method which allows the hacker to remove your files and deface your site.
visit my photo albums @ flickr!
You maybe right Grey_fox. That is what must have happenned.
This guy leaves behind script files all over the place in your system. So simply replacing your index.php file will not work. More over one does not know when he's left the other script files in place and then a few weeks later decided to show himself. Reverting to an older database backup puts him back in control.
Reinstalling the OS and changing your CMS to a newer more secure version seems to be the only solution.
These fellows are a bloody pain.
He removed the index.php or index.* file as the site is showing its skeleton directory, he probably forgotten to rename that puc.php file to index.php or maybe did it on purpose.
Unless its a server hack, the entire site or sites under that server will not be accessible. It's likely a CMS hack only. Open source CMS are especially open to such attacks, thus the importance of having the script updated from the developers from time-to-time.
Server hacks are normally due to vulnerable kernels (assuming its on a *nix platform).
The hosting company should do its part by checking up for kernel updates or vulnerability issues with its box (since most *nix platforms are open source as well).
I would not say that these hackers are a pain, infact, it makes one take preventive steps in future, if you're running a business this is absolutely of importance. No one wants to shop at an online store where the entire sites' been hacked or defaced in this matter.... online purchases equates to one keying in sensitive-money-related information.
Scripts like vBulletin (like what AQ is using) are commercialised so the developers take particular care of its coding and scripting (since its a source of revenue) so its the site owners' responsibility to be pro-active to any sort of updates the vBulletin should issue out.
visit my photo albums @ flickr!
How did I say in the above post we suffered an attack some years ago, when we used a old forum software. But this day we cann´t access to the forum, when you try come in, you only can see a white page.
Here it is the link
http://acuaforos.net/foros/index.php
Maybe another attack?
Hi Xema, that index.php page is blank (an empty file - 0 bytes) if you have the forum files still or if you don't just upload the index.php file up and you're good to go.
visit my photo albums @ flickr!
doesn't look like any data's been lost in the first site..
index_promo's been changed though.. it looks interesting
Nope... hardware issues at the host. We're looking for a new host.Originally Posted by Nicky
Vincent - AQ is for everyone, but not for 'u' and 'mi'.
Why use punctuation? See what a difference it makes:A woman, without her man, is nothing.
A woman: without her, man is nothing.
Bookmarks