My website was HACKED BY iskorpitx (Turkish Hacker)

Sorry to hear. :td:

No backups?

lzy said:

Sorry to hear. :td:

No backups?

Click to expand...

No backups. I guess my web host has backups, at least they advertise that, but first I have to get my sites back up for my clients. It just upsets me.....

SMBGeek said:

No backups. I guess my web host has backups, at least they advertise that, but first I have to get my sites back up for my clients. It just upsets me.....

Click to expand...

Wow, thats incredibly frustrating. Sorry to hear your going through this. Any idea how they hacked into the host? Security breach? Password?

Definately speak to your hosts and see if there is anything they can do to help you. Hopefully, they will have backups of all the files you had on the server.

Good luck.

Alex

Are you a web developer? Always keep your software up to date and backup.

People(hacker) does that for fun or popularity.

Did any of your sites or your clients site use Joomla?
Security Vulnerability was found recently and need to upgrade to 1.5.6

My suggestion is to not publicize the hacker's name... That's what turns them on.

copper said:

Did any of your sites or your clients site use Joomla?
Security Vulnerability was found recently and need to upgrade to 1.5.6

Click to expand...

Yes all my Joomla sites that were not recent ones got nailed....... I think it should be the same as stealing and these guys should be pursued.

Ah, JOOMLA, the hackers favourite im afraid. JOOMLA is notorious for hacks, and quite frankly i NEVER published my gambling site on the JOOMLA forum for this very reason. The problem is many external applications have gaping security holes. There are far too many JOOMLA experts around who do this for fun im afraid. You may need a JOOMLA ninja to help fix all this up, but again, you need one you can trust. Im very sorry to hear this, i feel for you.

I know of some hackers that actually hack your systems and then send you an e-mail displaying what they did to hack your site and remind you of security. I guess its what you deserve in some respect. Also a reminder KEEP BACK UPS! Talk with you host and see whats up. Good luck and hope everything comes out ok.

If I could give you some advice, maintain critical sites (clients) and yours on different servers.

Make sure your host has backup but don't just rely on their word. Verify and test the backups. I also perform my own backups and they are automatically uploaded to a remote location just in case...

Last but not least be careful with third party software. Joomla has a history of security vulnerabilities. It's important to have up-to-date versions of pretty much everything.
Good luck :tu:

I had all my web sites hacked a few weeks a go as well. I too didn't have any backups at the time. I still haven't managed to set everything right yet, and i've lost quite a bit of content.

The old version of Joomla (1.5.5) has some serious security issue. Upgrade to Joomla 1.5.6.

Also what ever CMS you are using, make sure that you are downloading the script from the orginal website. This is very important, b'cos hackers play a lot with open source scripts. :D

I really appreciate everyones advice. Is there a subforum on NP dedicated to security risks and such. Maybe there should be. just a thought...

Always always always keep multiple backups of any critical work. I keep three - on my work computer hard drive, on an external hard drive that I don't keep connected to my network, and on cd disc. I keep the collection of cd discs outside my home office as well - that way if my home office is robbed/burned down etc I always have copies safe elsewhere.

It's a pain in the arse to do all that but it's much easier than recreating a website!

If you sell services you need to have a decent disaster recovery plan and a flawless backup plan.

Regarding backups, here's what I do: (hope it helps)

1 - Automatic backup my server DAILY! (It's 30 GB of data) to a different backup server. I mean FULL backup.
2 - I retain weekly copies and monthly copies of all the sites I own.
3 - I make a full automatic download of all weekly data to my own Home server.
4 - I backup my own home server daily to a different disk outside the server.
5 - I copy all the main files to a 4GB pen drive I keep on my neck all the time.

Am I nuts? Well, if your sites earned you thousands of dollars per month I'm sure you'd be nuts too.

Most of the times, he only replaces the index page. Perhaps your original is still available?

Sorry to hear that man, hopefully you can get it cleared up without too many headaches. This is a good reminder for everyone to back up their sites.

Yeah very good reminder, I'm going to do some back-ups right now.

I feel for you. And I know how it feels, I had two sites running on Joomla about a year ago. One was a newly built client site, the other a music site. Both were hacked. Turned into phishing sites for banks.

The worst part is that my music site had a lot of interest from well known clubs and record companies and it was also making me over $1k per month. Unfortunately the back-ups I had were too old and I did a lot of custom coding which were all lost. It also happened at the worst possible time - when I was moving homes and starting a new business... I never recovered the site and even now the site/domain gets 2-3k visitors per month

Hope you get your stuff sorted. Don't let it get you down, just take it on the chin and think of it as a lesson. You know what they say, whatever doesn't kill you only makes you stronger. Good luck.



btw. if PommyG gives permission - it would be a good idea for a mod/admin to remove the hackers name from the thread title. Last thing you wanna do is give him/her a trophy for what was done!

:?

Just take regular backups and keep uploading them everytime they mess up with it.

They have nothing to earn from this but you have to earn from it. So 1 of you will get frustrated in end and it should be them :D

sorry to hear this. your hosting provider might have backups or you can work your way on un uploaded files from your computer.

Sorry to hear about this. I wish your host has backups to recover what you lost.

Even if we have backups, it is the effort to bring the site back to normal and ensuring that it will not be hacked again that is the major worry. I take regular backups. But if the site is down for a week, I lose visitors and it bombs my search engine position. It vanishes from Google results if it is down for a week. And if search engine is your major visitor feed, then it is going to cost you more.

I had over 30 sites that this happened to early this year. To make it worse I was buying hosting from someone who was buying it from someone else.These people had a falling out and I was in the middle. I do think it was strange that it happened in the middle of this falling out.
It was just a diaster. I lost one major site completely and I am still working to get things back.This diaster has put me so far behind. I lost a major community site I was running, I doubt if I will be able to get the majority of ex users back. Not to mention the major drop in traffic from the search engines while the site was down.

I am now very concerned about the security of word press, joomla and drupal type sites. I have a couple of hundred word press sites which I am now converting with xsitepro [ no I am nothing to do with this company} to ordinary html sites.

The problem with the joomla, drupal. wordpress type sites, is there is some sort of update every week or so. If you have a few hundred sites, you spend all your time updating sites to the latest version. Then a complete new version comes out, and guess what half the plug in's you use to make your site are not updated to work with the newer version.

Keeping your site up to date does not always work [ it does help}.

I use coppermine on about 6 sites. The scripts where up to date and a week later all the coppermine galleries where hacked.

Maybe with drupal's multisite feature you get around this by having one installion for a hundred sites, but I am concerned about traffic from search engines when you do this.

The hackers- all I think is -what a waste of time and energy.
I struggle so much on the internet and would love to be more talented.
I just wish the hackers would put there talents into better things.