Jump to content

Hacked Again :(

CruelKind
 Share

Recommended Posts

CruelKind Newbie

CruelKind

Posted
Posted (edited)

Today the website I manage was hacked and our title result and homepage image shows f***ed by 7sign.

 

It also managed to dump 200,000+ files into our folders

 

Anyone have an immediate understanding and/or solution?

Edited by CruelKind
TwstR Newbie

TwstR

Posted
Posted

probably some script kiddie, few guild websites i used got "hacked" in this way, just putting some porn and stuff on there..

CruelKind Newbie

CruelKind

Posted
  • Author
Posted

Thanks, but I know what the problem is.. I need a solution ;)

Heretic121 Newbie

Heretic121

Posted
Posted

Well... after a quick google search, it would appear they've hit a few websites.

 

What's the website you manage? and do you know how they got in?

CruelKind Newbie

CruelKind

Posted
  • Author
Posted

it's usarplus.com (I've turned it off for now so you wont see it)

 

I know I've been hit because it replaces homepage.asp with a separate file, causing it to show the msg I indicated above. It appears to be returning that file even after I restore or delete it.

Heretic121 Newbie

Heretic121

Posted
Posted

Google Cache is a wonderful thing, looks like a custom built website.

Could you contact the developer, unless you are, and ask for some help?

It's quite likely they got in through something they/he/she made :)

Also, do you have any backups of the website?

CruelKind Newbie

CruelKind

Posted
  • Author
Posted

right -

 

The developer is me/us here on location.

 

yes we have backups, but when I restore the asp page in question it reverts back to the hacked file.

 

This tells me there's a program running somewhere checking and restoring the corrupted files whenever they are deleted.

 

I suspect the solution is to remove the offending program directly from the registry, though so far my searches haven't turned up the culprit.

CruelKind Newbie

CruelKind

Posted
  • Author
Posted

220981_zpsd7f49924.gif

 

Someone shoot me in the face and end this nightmare

Matt_14 Newbie

Matt_14

Posted
Posted (edited)

Who is your website host? They could maybe reset your account? and then you could install the back up files back up?

Edited by Matt_14
CruelKind Newbie

CruelKind

Posted
  • Author
Posted (edited)

We host our own websites, servers on site

 

We have backups, but until I remove the virus itself, it repopulates the infected files immediately after.

Edited by CruelKind
Heretic121 Newbie

Heretic121

Posted
Posted (edited)

See normally I would have plenty of things for you to check, but then I found out you're using some version of Windows and decided against it. Not because it's Windows, but because I don't have a clue where to even begin lol

 

Don't even get me started on ASP! :P

Edited by Heretic121
CruelKind Newbie

CruelKind

Posted
  • Author
Posted

well the problem is fixed, and I'm not entirely sure how.

 

I ended up deleting all the added trash files and AVG discovered a few Trojans after an upgrade of their service and the issue seems resolved.

 

sigh...

 

 

I must have lost a minimum of $500 today.

Heretic121 Newbie

Heretic121

Posted
Posted

At least you've got it sorted now :)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

About Us

We are glad you decided to stop by our website and servers. At Fearless Assassins Gaming Community (=F|A=) we strive to bring you the best gaming experience possible. With helpful admins, custom maps and good server regulars your gaming experience should be grand! We love to have fun by playing online games especially W:ET, Call of Duty Series, Counter Strike: Series, Minecraft, Insurgency, DOI, Sandstorm, RUST, Team Fortress Series & Battlefield Series and if you like to do same then join us! Here, you can make worldwide friends while enjoying the game. Anyone from any race and country speaking any language can join our Discord and gaming servers. We have clan members from US, Canada, Europe, Sri Lanka, India, Japan, Australia, Brazil, UK, Austria, Poland, Finland, Turkey, Russia, Germany and many other countries. It doesn't matter how much good you are in the game or how much good English you speak. We believe in making new friends from all over the world. If you want to have fun and want to make new friends join up our gaming servers and our VoIP servers any day and at any time. At =F|A= we are all players first and then admins when someone needs our help or support on server.

Player Gaming Stats for =F|A= Servers.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept