One of my sites was hacked....

Looks like one of my sites was hacked. It was a vBulletin site...heh. I have no clue what to do about it. I've sent a message to the forums at vbulletin and I'm on live chat now with my hosting company, iPowerWeb, but they're saying they'll need to contact me via email with more information...

Any criticial things I need to do right now? The site is completely independent from my other sites. Japan-Games.com looks like it's running fine.

In case the site goes down, here's a pic that will live in infamy:

http://i79.photobucket.com/albums/j132/EricJapan/Hacked.jpg

 

Removed the index page for now...heh.

 

that the hacked your page sux man.
on a sitenote, i like there black white red style
But that should not happen!

 

Ask your host if they have updated to prevent SQL injection attacks.

 

A vbulletin website I visit regularly about something completely different was hacked by the same person, with no direct link between him and the site. So it's probably not personal.

 

Those nicknames sound Spanish...

 

Man that sucks, hope you can fix it, did they do any further damage? Or just change the index and block the access to the rest of the site?

 

Im thinking there Turkish, i seem to remember something to do with the nickname claw cracking a few freeweb site before.
Liek giel said im sure its nothing personal just trying to show of there skills.

 

Gahh, stuff like this just pisses me off. Like, whats their purpose? Attack small independant sites like yours and just cause unnecessary problems? If your going to be hacking sites like this atleast do it big...

I am sorry to hear about what happened. :crying:
I love how prominently they display their "Gaza Hacking Team" everywhere as if they matter... :lol:

 

There probably isn't an attack per se. Rather, this may just be a webcrawling, scripted attack.

 

Why Spanish / Turkish... perhaps I'm I reading into this too superficially -- "Gaza" and Arabic script? 2 + 2 and all that?

On a side note, hack sucks dude. Whether it's personal or not is irrelevant. My car was nicked, does it matter whether it was personal? No. The fact remains the site was hacked... fucking waste of time just causing shit for other people.

Hope you get it sorted soon mate.

 

Sounds like you've got some angry Israelis/Palestinians on your hands.

 

We had some turkish hackers get into our site.....maybe a year ago. First time it was just a simple redirect as everything on the server wasn't touched. Though second time they some how managed to actually gain access to files on the server...........that wasn't good.....

 

Hmmm....looks like it's up and running again. I guess it was just a redirect?

 

Question....how do I back my site up? I use FlashFXP. When I edit any of the pages I use Dreamweaver which makes changes to the local folder and the server, but there's always new content from members who have joined, etc. Is there a way in FlashFXP that I can sync the files on my local hard drive with the ones on the server? In the past I would just drag the files to my desktop to back them up, but I'm assuming there is a better and more efficient way than that...

 

To backup a forum and new members etc you will need to backup the SQL on regular base. FlashFXP can't be used for this. You might already have a SQL managing software installed on the server. PHPMyAdmin is a good one to go with, it allows you to export and import SQL dumps easy. Backing up the files with FlashFXP will work fine, but this will only work for the basic configuration and maybe files uploaded by members, avatars, etc. Using FlashFXP will pretty much work in the way you used it, you can optionally set it to only transfer files not on your hd yet, so basically do not overwrite files.

Edit: The "Compare Folders" option in FlashFXP is also pretty useful. FlashFXP also comes with a greatly customizable skip list. Try out Options->File Exists Rules. If you set it to autoskip all files that already exist on your hd, overwrite ones that are bigger on the remote site (your webserver) it should give you a pretty fast method to backup changes.

 

You're going to be hard pressed to find a way to automatically backup a site you don't have a shell account for (which you most likely don't unless it's at least a virtual dedicated setup). Until then, use phpmyadmin's backup tool. It's manual, but it works.

 

gaza are just metacrawling the web for unsecure websites for some injecting or cross-site scripting. this is nothing personal, just for their personal highscore. call your host and ask if this happened to more pages that are hosted there.

 

Judging by the name and all they are just some arabic/palestinian script kiddies that use standard exploits in things like vbulletin and joomla. You cant really do anything about it i think, apart from keeping subscribed to the security mailing list of whatever software you use. Ofcourse you'll still have the risk of running into people using unpublished hacks and such. Although 99,9% of this type of hack are just scriptkiddies using standard known expoits.

 

Yep. And keep your Vbulletin boards up to date. They recently changed the fee's, so its more expensive if you go more than 60 days without renewing your license. Keep that in mind.