My website was HACKED BY iskorpitx (Turkish Hacker)

JamesDavid · 08-28-2008, 09:16 AM

a bunch of my minisites were hacked by this guy and now it puts me back about 4 months on my mini site development. All my CMS installs are trashed... I mean what the hell, why woudl someone do this? My web hosting service downed my entire server till I clean everything up and now my web hosting clients are calling me asking why their sites and emails are down..

It is sick some guy gets his kicks from this.

lzy · 08-28-2008, 09:28 AM

Sorry to hear.

No backups?

JamesDavid · 08-28-2008, 09:44 AM

Originally Posted by lzy

Sorry to hear.

????: NamePros.com http://www.namepros.com/domain-name-discussion/508395-my-website-hacked-iskorpitx-turkish-hacker.html

No backups?

No backups. I guess my web host has backups, at least they advertise that, but first I have to get my sites back up for my clients. It just upsets me.....

Spade · 08-28-2008, 09:47 AM

Originally Posted by SMBGeek

No backups. I guess my web host has backups, at least they advertise that, but first I have to get my sites back up for my clients. It just upsets me.....

Wow, thats incredibly frustrating. Sorry to hear your going through this. Any idea how they hacked into the host? Security breach? Password?

alex_d · 08-28-2008, 09:50 AM

Definately speak to your hosts and see if there is anything they can do to help you. Hopefully, they will have backups of all the files you had on the server.

Good luck.

Alex

Albert · 08-28-2008, 10:02 AM

Are you a web developer? Always keep your software up to date and backup.

People(hacker) does that for fun or popularity.

copper · 08-28-2008, 11:40 AM

Did any of your sites or your clients site use Joomla?
Security Vulnerability was found recently and need to upgrade to 1.5.6

GF · 08-28-2008, 01:06 PM

My suggestion is to not publicize the hacker's name... That's what turns them on.

JamesDavid · 08-28-2008, 01:08 PM

Originally Posted by copper

Did any of your sites or your clients site use Joomla?
????: NamePros.com http://www.namepros.com/showthread.php?t=508395
Security Vulnerability was found recently and need to upgrade to 1.5.6

Yes all my Joomla sites that were not recent ones got nailed....... I think it should be the same as stealing and these guys should be pursued.

maxeaus · 08-28-2008, 01:15 PM

Ah, JOOMLA, the hackers favourite im afraid. JOOMLA is notorious for hacks, and quite frankly i NEVER published my gambling site on the JOOMLA forum for this very reason. The problem is many external applications have gaping security holes. There are far too many JOOMLA experts around who do this for fun im afraid. You may need a JOOMLA ninja to help fix all this up, but again, you need one you can trust. Im very sorry to hear this, i feel for you.

Ross · 08-28-2008, 01:20 PM

I know of some hackers that actually hack your systems and then send you an e-mail displaying what they did to hack your site and remind you of security. I guess its what you deserve in some respect. Also a reminder KEEP BACK UPS! Talk with you host and see whats up. Good luck and hope everything comes out ok.

sdsinc · 08-28-2008, 02:28 PM

If I could give you some advice, maintain critical sites (clients) and yours on different servers.

Make sure your host has backup but don't just rely on their word. Verify and test the backups. I also perform my own backups and they are automatically uploaded to a remote location just in case...

Last but not least be careful with third party software. Joomla has a history of security vulnerabilities. It's important to have up-to-date versions of pretty much everything.
Good luck

st0rmer · 08-28-2008, 02:56 PM

I had all my web sites hacked a few weeks a go as well. I too didn't have any backups at the time. I still haven't managed to set everything right yet, and i've lost quite a bit of content.

TechQueen · 08-28-2008, 04:40 PM

The old version of Joomla (1.5.5) has some serious security issue. Upgrade to Joomla 1.5.6.

Also what ever CMS you are using, make sure that you are downloading the script from the orginal website. This is very important, b'cos hackers play a lot with open source scripts.

JamesDavid · 08-28-2008, 04:43 PM

I really appreciate everyones advice. Is there a subforum on NP dedicated to security risks and such. Maybe there should be. just a thought...

whitebark · 08-28-2008, 04:47 PM

Always always always keep multiple backups of any critical work. I keep three - on my work computer hard drive, on an external hard drive that I don't keep connected to my network, and on cd disc. I keep the collection of cd discs outside my home office as well - that way if my home office is robbed/burned down etc I always have copies safe elsewhere.

It's a pain in the arse to do all that but it's much easier than recreating a website!

Shenron · 08-28-2008, 04:54 PM

If you sell services you need to have a decent disaster recovery plan and a flawless backup plan.

Regarding backups, here's what I do: (hope it helps)

1 - Automatic backup my server DAILY! (It's 30 GB of data) to a different backup server. I mean FULL backup.
2 - I retain weekly copies and monthly copies of all the sites I own.
????: NamePros.com http://www.namepros.com/showthread.php?t=508395
3 - I make a full automatic download of all weekly data to my own Home server.
4 - I backup my own home server daily to a different disk outside the server.
5 - I copy all the main files to a 4GB pen drive I keep on my neck all the time.

Am I nuts? Well, if your sites earned you thousands of dollars per month I'm sure you'd be nuts too.

fattee77 · 08-29-2008, 04:54 PM

Most of the times, he only replaces the index page. Perhaps your original is still available?

Michael · 08-29-2008, 05:10 PM

Sorry to hear that man, hopefully you can get it cleared up without too many headaches. This is a good reminder for everyone to back up their sites.

**RicoShay** · 08-29-2008, 06:11 PM

Yeah very good reminder, I'm going to do some back-ups right now.

I feel for you. And I know how it feels, I had two sites running on Joomla about a year ago. One was a newly built client site, the other a music site. Both were hacked. Turned into phishing sites for banks.

The worst part is that my music site had a lot of interest from well known clubs and record companies and it was also making me over $1k per month. Unfortunately the back-ups I had were too old and I did a lot of custom coding which were all lost. It also happened at the worst possible time - when I was moving homes and starting a new business... I never recovered the site and even now the site/domain gets 2-3k visitors per month

Hope you get your stuff sorted. Don't let it get you down, just take it on the chin and think of it as a lesson. You know what they say, whatever doesn't kill you only makes you stronger. Good luck.

btw. if PommyG gives permission - it would be a good idea for a mod/admin to remove the hackers name from the thread title. Last thing you wanna do is give him/her a trophy for what was done!
????: NamePros.com http://www.namepros.com/showthread.php?t=508395

**-Nick-** · 08-29-2008, 10:53 PM

Just take regular backups and keep uploading them everytime they mess up with it.

They have nothing to earn from this but you have to earn from it. So 1 of you will get frustrated in end and it should be them

weblord · 08-29-2008, 11:37 PM

sorry to hear this. your hosting provider might have backups or you can work your way on un uploaded files from your computer.

nmridul · 08-30-2008, 05:53 AM

Sorry to hear about this. I wish your host has backups to recover what you lost.

Even if we have backups, it is the effort to bring the site back to normal and ensuring that it will not be hacked again that is the major worry. I take regular backups. But if the site is down for a week, I lose visitors and it bombs my search engine position. It vanishes from Google results if it is down for a week. And if search engine is your major visitor feed, then it is going to cost you more.

dochlaggie · 08-30-2008, 07:28 PM

I had over 30 sites that this happened to early this year. To make it worse I was buying hosting from someone who was buying it from someone else.These people had a falling out and I was in the middle. I do think it was strange that it happened in the middle of this falling out.
It was just a diaster. I lost one major site completely and I am still working to get things back.This diaster has put me so far behind. I lost a major community site I was running, I doubt if I will be able to get the majority of ex users back. Not to mention the major drop in traffic from the search engines while the site was down.
????: NamePros.com http://www.namepros.com/showthread.php?t=508395

I am now very concerned about the security of word press, joomla and drupal type sites. I have a couple of hundred word press sites which I am now converting with xsitepro [ no I am nothing to do with this company} to ordinary html sites.

The problem with the joomla, drupal. wordpress type sites, is there is some sort of update every week or so. If you have a few hundred sites, you spend all your time updating sites to the latest version. Then a complete new version comes out, and guess what half the plug in's you use to make your site are not updated to work with the newer version.

Keeping your site up to date does not always work [ it does help}.

I use coppermine on about 6 sites. The scripts where up to date and a week later all the coppermine galleries where hacked.

Maybe with drupal's multisite feature you get around this by having one installion for a hundred sites, but I am concerned about traffic from search engines when you do this.

The hackers- all I think is -what a waste of time and energy.
I struggle so much on the internet and would love to be more talented.
I just wish the hackers would put there talents into better things.

08-28-2008, 09:16 AM	THREAD STARTER #1 (permalink)
JamesDavid www.JamesDavid.com Join Date: Dec 2006 Location: South Suburbs of Chicago Posts: 776	My website was HACKED BY iskorpitx (Turkish Hacker) a bunch of my minisites were hacked by this guy and now it puts me back about 4 months on my mini site development. All my CMS installs are trashed... I mean what the hell, why woudl someone do this? My web hosting service downed my entire server till I clean everything up and now my web hosting clients are calling me asking why their sites and emails are down.. It is sick some guy gets his kicks from this. __________________ Developed:KankakeeCounty.com \| DailySpoon.mobi\| InvestmentFirms.net \| BackTrackLinux.com

08-28-2008, 09:28 AM	#2 (permalink)
lzy Senior Member Join Date: Oct 2006 Posts: 3,118	Sorry to hear. No backups? __________________ ... Last edited by lzy; 08-28-2008 at 09:35 AM.

08-28-2008, 09:50 AM	#5 (permalink)
alex_d NamePros Regular Join Date: May 2005 Posts: 903	Definately speak to your hosts and see if there is anything they can do to help you. Hopefully, they will have backups of all the files you had on the server. Good luck. Alex __________________ Page Rank is dead - It's the SERPs that count. What's your Serp Rank ? Παιχνιδια OnlineTravel.tv \| OnlineHotels.tv \| OnlineCasinos.tv

08-28-2008, 11:40 AM	#7 (permalink)
copper Senior Member Join Date: Dec 2006 Posts: 1,212	Did any of your sites or your clients site use Joomla? Security Vulnerability was found recently and need to upgrade to 1.5.6 __________________ 30 Wordpress How-To Videos! - 50% off Limited Time Offer

08-28-2008, 01:06 PM	#8 (permalink)
GF Domain Buyer Join Date: Jan 2008 Location: Orange County, CA Posts: 5,186	My suggestion is to not publicize the hacker's name... That's what turns them on. __________________ Economic Stimulus Act

08-28-2008, 10:02 AM	#6 (permalink)
Albert Senior Member Join Date: Jun 2004 Location: Malaysia Posts: 1,147	Are you a web developer? Always keep your software up to date and backup. People(hacker) does that for fun or popularity.

08-28-2008, 01:15 PM	#10 (permalink)
maxeaus Senior Member Join Date: Aug 2008 Location: Australia Posts: 1,815	Ah, JOOMLA, the hackers favourite im afraid. JOOMLA is notorious for hacks, and quite frankly i NEVER published my gambling site on the JOOMLA forum for this very reason. The problem is many external applications have gaping security holes. There are far too many JOOMLA experts around who do this for fun im afraid. You may need a JOOMLA ninja to help fix all this up, but again, you need one you can trust. Im very sorry to hear this, i feel for you.

08-28-2008, 01:20 PM	#11 (permalink)
Ross Senior Member Join Date: Nov 2007 Posts: 2,132	I know of some hackers that actually hack your systems and then send you an e-mail displaying what they did to hack your site and remind you of security. I guess its what you deserve in some respect. Also a reminder KEEP BACK UPS! Talk with you host and see whats up. Good luck and hope everything comes out ok.

08-28-2008, 02:28 PM	#12 (permalink)
sdsinc Domains my Dominion Join Date: Aug 2005 Location: Web 1.0 Posts: 9,602	If I could give you some advice, maintain critical sites (clients) and yours on different servers. Make sure your host has backup but don't just rely on their word. Verify and test the backups. I also perform my own backups and they are automatically uploaded to a remote location just in case... Last but not least be careful with third party software. Joomla has a history of security vulnerabilities. It's important to have up-to-date versions of pretty much everything. Good luck __________________ NameNewsletter.com - free lists of available domain names ZoneFiles.net (beta) - ccTLD and gTLD droplists

08-28-2008, 02:56 PM	#13 (permalink)
st0rmer Account Closed Join Date: Sep 2007 Posts: 556	I had all my web sites hacked a few weeks a go as well. I too didn't have any backups at the time. I still haven't managed to set everything right yet, and i've lost quite a bit of content.

08-28-2008, 04:40 PM	#14 (permalink)
TechQueen NamePros Member Join Date: Sep 2007 Posts: 148	The old version of Joomla (1.5.5) has some serious security issue. Upgrade to Joomla 1.5.6. Also what ever CMS you are using, make sure that you are downloading the script from the orginal website. This is very important, b'cos hackers play a lot with open source scripts. __________________ Effects.TV - Considering Offers PM me

08-28-2008, 04:43 PM	THREAD STARTER #15 (permalink)
JamesDavid www.JamesDavid.com Join Date: Dec 2006 Location: South Suburbs of Chicago Posts: 776	I really appreciate everyones advice. Is there a subforum on NP dedicated to security risks and such. Maybe there should be. just a thought... __________________ Developed:KankakeeCounty.com \| DailySpoon.mobi\| InvestmentFirms.net \| BackTrackLinux.com

08-28-2008, 04:47 PM	#16 (permalink)
whitebark Part-Time Zombie Join Date: Jul 2006 Location: Canada Posts: 3,495	Always always always keep multiple backups of any critical work. I keep three - on my work computer hard drive, on an external hard drive that I don't keep connected to my network, and on cd disc. I keep the collection of cd discs outside my home office as well - that way if my home office is robbed/burned down etc I always have copies safe elsewhere. It's a pain in the arse to do all that but it's much easier than recreating a website! __________________ *DOT CA DOMAINS DEMYSTIFIED!* Coupon Code \| Green Business Directory \| Zombie Movies Download BONG OF THE DEAD Today!

08-28-2008, 04:54 PM	#17 (permalink)
Shenron Senior Member Join Date: Jan 2008 Location: Portugal Posts: 1,430	If you sell services you need to have a decent disaster recovery plan and a flawless backup plan. Regarding backups, here's what I do: (hope it helps) 1 - Automatic backup my server DAILY! (It's 30 GB of data) to a different backup server. I mean FULL backup. 2 - I retain weekly copies and monthly copies of all the sites I own. ????: NamePros.com http://www.namepros.com/showthread.php?t=508395 3 - I make a full automatic download of all weekly data to my own Home server. 4 - I backup my own home server daily to a different disk outside the server. 5 - I copy all the main files to a 4GB pen drive I keep on my neck all the time. Am I nuts? Well, if your sites earned you thousands of dollars per month I'm sure you'd be nuts too. __________________ London Hotels ********************** Coconut Oil Car Tuning Gisele Bundchen Free Screensavers

08-29-2008, 04:54 PM	#18 (permalink)
fattee77 NamePros Member Join Date: Aug 2003 Posts: 162	Most of the times, he only replaces the index page. Perhaps your original is still available?

LinkBacks (?) LinkBack to this Thread: http://www.namepros.com/domain-name-discussion/508395-my-website-hacked-iskorpitx-turkish-hacker.html
Posted By	For	Type	Date
iSKORPiTX Footprints … Recovering a iSKORPiTX Hacked Site « Azghanvi's Technical Research Playground	This thread	Refback	11-20-2011 09:56 PM
iSKORPiTX Footprints … Recovering a iSKORPiTX Hacked Site « Azghanvi's Technical Research Playground	This thread	Refback	05-09-2011 03:55 AM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

08-29-2008, 05:10 PM	#19 (permalink)
Michael DNMedia.com Join Date: Jul 2007 Location: Maryland Posts: 1,866	Sorry to hear that man, hopefully you can get it cleared up without too many headaches. This is a good reminder for everyone to back up their sites. __________________ MiniSites.com - Shift Your Domains Out of Park! DN Media Corporation \| Friend Me on Facebook \| Follow Me on Twitter

08-29-2008, 06:11 PM	#20 (permalink)
RicoShay www.demonised.com Join Date: May 2007 Location: London (UK) Posts: 2,956	Yeah very good reminder, I'm going to do some back-ups right now. I feel for you. And I know how it feels, I had two sites running on Joomla about a year ago. One was a newly built client site, the other a music site. Both were hacked. Turned into phishing sites for banks. The worst part is that my music site had a lot of interest from well known clubs and record companies and it was also making me over $1k per month. Unfortunately the back-ups I had were too old and I did a lot of custom coding which were all lost. It also happened at the worst possible time - when I was moving homes and starting a new business... I never recovered the site and even now the site/domain gets 2-3k visitors per month Hope you get your stuff sorted. Don't let it get you down, just take it on the chin and think of it as a lesson. You know what they say, whatever doesn't kill you only makes you stronger. Good luck. btw. if PommyG gives permission - it would be a good idea for a mod/admin to remove the hackers name from the thread title. Last thing you wanna do is give him/her a trophy for what was done! ????: NamePros.com http://www.namepros.com/showthread.php?t=508395 __________________ eBay FOR SALE @ NamePros: TDJ.in + RLI.in + EDE.in + ATJ.in + more \| NEW YEARS SALE - Upto 40% OFF!

08-29-2008, 10:53 PM	#21 (permalink)
-Nick- I'll do it Join Date: Dec 2005 Location: India Posts: 6,927 Follow @keralpatel	Just take regular backups and keep uploading them everytime they mess up with it. They have nothing to earn from this but you have to earn from it. So 1 of you will get frustrated in end and it should be them __________________ Delq\|Fhur\|Kegh\|Vhir\|Juhy\|Ruuz\|Jyos\|Jupt\|Vhek Webmaster Blog \| Software Downloads Makeup & Beauty Tips \| Sponsor Ads

08-29-2008, 11:37 PM	#22 (permalink)
weblord NamePros Legend Join Date: Dec 2005 Location: Philippines - www.Nabaza.com Posts: 19,785	sorry to hear this. your hosting provider might have backups or you can work your way on un uploaded files from your computer. __________________ Nabaza.com - Amaia

08-30-2008, 05:53 AM	#23 (permalink)
nmridul NamePros Regular Join Date: Oct 2007 Location: Global roaming Posts: 813 Follow @dnclips	Sorry to hear about this. I wish your host has backups to recover what you lost. Even if we have backups, it is the effort to bring the site back to normal and ensuring that it will not be hacked again that is the major worry. I take regular backups. But if the site is down for a week, I lose visitors and it bombs my search engine position. It vanishes from Google results if it is down for a week. And if search engine is your major visitor feed, then it is going to cost you more. __________________ Godaddy CLEARANCE - COM/NET/ORG/INFO - Fixed price $1 / $2 / $3 beaute.in

08-30-2008, 07:28 PM	#24 (permalink)
dochlaggie NamePros Regular Join Date: Jun 2005 Posts: 415	I had over 30 sites that this happened to early this year. To make it worse I was buying hosting from someone who was buying it from someone else.These people had a falling out and I was in the middle. I do think it was strange that it happened in the middle of this falling out. It was just a diaster. I lost one major site completely and I am still working to get things back.This diaster has put me so far behind. I lost a major community site I was running, I doubt if I will be able to get the majority of ex users back. Not to mention the major drop in traffic from the search engines while the site was down. ????: NamePros.com http://www.namepros.com/showthread.php?t=508395 I am now very concerned about the security of word press, joomla and drupal type sites. I have a couple of hundred word press sites which I am now converting with xsitepro [ no I am nothing to do with this company} to ordinary html sites. The problem with the joomla, drupal. wordpress type sites, is there is some sort of update every week or so. If you have a few hundred sites, you spend all your time updating sites to the latest version. Then a complete new version comes out, and guess what half the plug in's you use to make your site are not updated to work with the newer version. Keeping your site up to date does not always work [ it does help}. I use coppermine on about 6 sites. The scripts where up to date and a week later all the coppermine galleries where hacked. Maybe with drupal's multisite feature you get around this by having one installion for a hundred sites, but I am concerned about traffic from search engines when you do this. The hackers- all I think is -what a waste of time and energy. I struggle so much on the internet and would love to be more talented. I just wish the hackers would put there talents into better things. __________________ Domain Portfolio * Domain News Mobile Dog Portal Holiday Guide Property Guide Mobile Music News Mobile Art * Australia Mobile * Pet Supplies Mobile Beauty Salons Antiques Mobile * Horoscope *