Someone hacked my site, help.

[killaklown]

Some kid hacked my site (http://www.flashcent.com) deleted everything (although i made a backup a few hours ago, itll take time to upload it)

the page they made is http://www.flashcent.com/index2.html

How can i get these guys (i want to ban them from the site, report them to there isp and possibly get FBI involved)

Here are the ips that i believe are from them (the site was hacked 2 times today and these ips were there each time)

ia-nw-dhcp3-97.dsl.hickorytech.net
host213-160-108-165.dsl.vispa.com


currently waiting for the stats to update (last updated 30 min ago) so i can put the other supecious ips here.

 

[def1]

tell your host about it

 

[killaklown]

my host? why...

i sent this to one of there host abuse emails:

Today, a user that which i did a ip whois on came from you guys/

There ip is:
ia-nw-dhcp3-97.dsl.hickorytech.net
or
216.114.209.97

This user has been hacking my site, http://www.flashcent.com

He did this 2 times today, first time he just changed a file ony my site to say that it was hacked, so i removed it and now he did it again, but this time he deleted everything.

http://www.flashcent.com/index2.html

thats the file he added the second time, if it is no longer there when you are checking this, i can provide you guys with a screenshot.

I would appreciate anything you can do to this guy.

Thanks. (there seems to have been a buddy helping him, his ip is host213-160-108-165.dsl.vispa.com or 213.160.108.165, i will also be contacting that isp.)

emailed the other guy now, seems to be ok now (the guys changed my password for cpanel, but before they could do anything, i reseted my code, banned there ips (and one had a range from ***.***.208.0 to ***.***.209.255 or something, so i banned those ips.

hoping there hosts can do something.. im 16 and i dont feel like going to the police about this, and dont know if i can (sence no real damage was caused, except my site being down for a few hours :/)


Well this is a good expierence (well not good but... yea) to tell me, get off your a** and learn php/mysql and some security to stop this from happening again

anyone wanna tell me where to start

 

[seiya]

sadly there is people out there who are jealous of your work and will do anything to destroy it, happened to me once... i started doing backups after that, this was about 2 years ago i think...

 

[Joe]

yer, a few tips:
¬ back up your website (also keep a copy on your own computer).
¬ make sure every folder has an index (just an extra).
¬ make sure you use a password that you don't use anywhere else on the web. one of my websites was hacked by someone who ran a forum i belonged to.
¬ there are some people who do it for fun, so becareful!

hope that helps, i'm a noob about these things really

 

[eli03]

always scan your pc for keylogger, and as much as possible dont used public computer when login to your cpanel hosting

 

[znender]

I agree there.
keyloggers r mostly trojans.
so u might want to update ur antivirus prog and use a spyware scanner.

 

[lilgee]

You cant have anything any more cause of people like are like them.

 

[cbr600]

He probably did it through a proxy. So an email to his "host" will most likely get a copy and paste email response. I know because it happened to me too

 

[axilant]

I guess they got into your control panel?

Ask your host to check into the linux kernal they use, there is a few unsecure linux kernals that some hosts actually use...

your password should consist of at least 1 caps character, 4 reg characters and 3 numbers... thats the best password

Cody

 

[Iravan]

Im gonna go backup now!

 

[killaklown]

wow, dont bring up a old thread...

plus there gone now, no they didnt use a proxy, and their host already talked to them.


Just for your information

- I make backups daily
- I dont download stuff, so theres not viruses, etc.

I know how they did it, i must have signed up on a hacked forum or something before which doesnt encrypt my password, and i used the same one as i did for my hosting.

anyways, i think this can be closed.

I guess they got into your control panel?

Ask your host to check into the linux kernal they use, there is a few unsecure linux kernals that some hosts actually use...

your password should consist of at least 1 caps character, 4 reg characters and 3 numbers... thats the best password

Cody

uh yea, mine has 8 letters, 9 numbers in a random order.

 

[unknowngiver]

i got hacked once..and they replaced everything wid 'xxx' n i didnt even a backup:p
consider urself lucky tht u had a backup...
ban there IP using the htacess...thts the most u can do about it i think

 

[jontalbot]

sadly, i know the people responsible "j1M" is a friend of mine.

 

[Zinho]

You should check if they used a proxy to take the action. If they did then you'll have to mail the proxy admin to give you the logs (I doubt he will). If this is the case only interpol can have the right to have the logs.

 

[aLeeOnline]

I guess they got into your control panel?

Ask your host to check into the linux kernal they use, there is a few unsecure linux kernals that some hosts actually use...

your password should consist of at least 1 caps character, 4 reg characters and 3 numbers... thats the best password

Cody

nice password tip buddy ... im gonna change mine now

 

[Xombie]

A quick google of the persons name show that these are jsut script jackers, and rather pathetic at that.

Your search did not match any documents

 

[Jakey]

yes im pretty sure i remember illegalcity and j1m.