Get exclusive CAP network offers from top brands

View CAP Offers

Has Your Site Been Hacked? Matt Cutts Released Statement

[bsa_pro_ad_space id=2]
  • This topic is empty.
Viewing 14 posts - 1 through 14 (of 14 total)
  • Author
    Posts
  • #627206
    bosshoggs
    Member

    We just got an update on a pretty major, developing story.

    Matt Cutts just released a statement to 20,000 sites, as these sites are at risk or have already been hacked because of “weird redirects.”

    To get the full story, go here:

    Matt Cutts Issues Statement: 20,000 Messages Sent to Hacked Webmasters

    As we get more updates on this developing story, we will be sure to alert the community. And… we welcome any updates you may come across as well…

    #823573
    misswigg
    Member

    How many people checked their site via google after reading this :P

    #823574
    Anonymous
    Inactive

    @Caseym 238681 wrote:

    How many people checked their site via google after reading this :P

    No new messages or recent critical issues. LOL!

    #823575
    Anonymous
    Inactive

    This happened to allfreechips before I upgraded the site, and it was very tricky. It would only re-direct if you click on a google link! so as a webmaster you dont know, and even more tricky it added a cookie before it starts so it was only new people clickijng from google, and it only did it once per user! This was a VBSEO exploit to all you VBSEO users.

    #823585
    Anonymous
    Inactive

    I assume they got the email address from the domain registration data.

    Or was it only google analytics participants?

    #823586
    Anonymous
    Inactive

    no, it was a dead file share site by the time i got hit.. it was all base64 code stored in sql so it was converted at runtime by VBSEO, very well thought out hack

    #823591
    Anonymous
    Inactive

    It happened to all my sites which were on Joomla and same as allfreechips as it redirected straight from Google and not the direct type in – So bloody annoying as couldn’t rescue the sites and now having to start all over again site by site… Mine redirected to some Philipines site called Happy New year

    #823605
    bosshoggs
    Member

    @alexpratt 238701 wrote:

    It happened to all my sites which were on Joomla and same as allfreechips as it redirected straight from Google and not the direct type in – So bloody annoying as couldn’t rescue the sites and now having to start all over again site by site… Mine redirected to some Philipines site called Happy New year

    Yikes… Thanks for the update, Alex. Sincerely sorry this happened to you… AND the issues AllFreeChips has encountered. He put it best, it seems like it was a damn good hack by some pros that knew what they were doing.

    This story is definitely on our radar. As we uncover more updates, we’ll be sure to let the community know.

    #823624
    Anonymous
    Inactive

    “The best way to save your site from this issue is to get access to Google Webmaster Tools and verify your website, configure notifications and alerts to arrive to an email you regularly check.”

    If a site is verified on Google how do this protect tou from having your site hacked?

    Good bit of info by the way Jill; thanks for keeping us informed on this stuff.

    #823640
    voodooman
    Member

    Today when browsing through Google Webmaster I noticed I had this warning “Notice of Suspected Hacking” for one of my sites.

    One of my non gambling WordPress sites has been hacked. My NOD32 Antivirus blocked a threat called JS/Kryptik.LU trojan when visiting any page on this site. It must have placed a cookie as it would only do it once.

    So I uploaded a plugin called WP Security Scan which helped me secure my site. I also signed up for a free beta account at Website Defender. They scanned my account and found two possible malicious files:
    wp-content/plugins/oiopub-direct/include/fusion.php
    wp-content/avatars/lightwindow.php

    These files had some seriously suspicious code in them. I’ve deleted them and my site seems to be fine for now. Keeping my fingers crossed.

    #823646
    Anonymous
    Inactive

    @ixian 238767 wrote:

    Today when browsing through Google Webmaster I noticed I had this warning “Notice of Suspected Hacking” for one of my sites.

    One of my non gambling WordPress sites has been hacked. My NOD32 Antivirus blocked a threat called JS/Kryptik.LU trojan when visiting any page on this site. It must have placed a cookie as it would only do it once.

    So I uploaded a plugin called WP Security Scan which helped me secure my site. I also signed up for a free beta account at Website Defender. They scanned my account and found two possible malicious files:
    wp-content/plugins/oiopub-direct/include/fusion.php
    wp-content/avatars/lightwindow.php

    These files had some seriously suspicious code in them. I’ve deleted them and my site seems to be fine for now. Keeping my fingers crossed.

    On one of my sites the plugin said

    “Change your database table prefix to mitigate zero-day SQL Injection attacks.”

    Is this a very real threat?

    #823647
    winner.com
    Member

    I got hacked 3 times in the last 2 months – if you are using cpanel make sure you click the -see hidden files – because that’s usually where they put the ‘bad stuff’ or f-up your htaccess file

    Nothing that serious but still

    #823661
    Anonymous
    Inactive

    also make sure you enable brute force detection, I am amazed at how many attempts a day I get froim China, Russian, India and US at my server level.

    #823683
    Anonymous
    Inactive

    there is a hosting software vulnerability (e-commerce software, or something related) that permits to modify .htaccess file, I moved my mobi sites from webhosting uk because of this, (thanks it was for mobi, because they redirected just mobile and spider traffic, so you can have this for years on server) Have contacted the hosting – but they found the problem after 3 months.

Viewing 14 posts - 1 through 14 (of 14 total)