- This topic is empty.
-
AuthorPosts
-
April 16, 2012 at 7:26 pm #823573
misswiggMemberHow many people checked their site via google after reading this
April 16, 2012 at 7:35 pm #823574Anonymous
Inactive@Caseym 238681 wrote:
How many people checked their site via google after reading this

No new messages or recent critical issues. LOL!
April 16, 2012 at 9:35 pm #823575Anonymous
InactiveThis happened to allfreechips before I upgraded the site, and it was very tricky. It would only re-direct if you click on a google link! so as a webmaster you dont know, and even more tricky it added a cookie before it starts so it was only new people clickijng from google, and it only did it once per user! This was a VBSEO exploit to all you VBSEO users.
April 17, 2012 at 1:11 am #823585Anonymous
InactiveI assume they got the email address from the domain registration data.
Or was it only google analytics participants?
April 17, 2012 at 1:34 am #823586Anonymous
Inactiveno, it was a dead file share site by the time i got hit.. it was all base64 code stored in sql so it was converted at runtime by VBSEO, very well thought out hack
April 17, 2012 at 8:16 am #823591Anonymous
InactiveIt happened to all my sites which were on Joomla and same as allfreechips as it redirected straight from Google and not the direct type in – So bloody annoying as couldn’t rescue the sites and now having to start all over again site by site… Mine redirected to some Philipines site called Happy New year
April 17, 2012 at 3:50 pm #823605
bosshoggsMember@alexpratt 238701 wrote:
It happened to all my sites which were on Joomla and same as allfreechips as it redirected straight from Google and not the direct type in – So bloody annoying as couldn’t rescue the sites and now having to start all over again site by site… Mine redirected to some Philipines site called Happy New year
Yikes… Thanks for the update, Alex. Sincerely sorry this happened to you… AND the issues AllFreeChips has encountered. He put it best, it seems like it was a damn good hack by some pros that knew what they were doing.
This story is definitely on our radar. As we uncover more updates, we’ll be sure to let the community know.
April 17, 2012 at 7:39 pm #823624Anonymous
Inactive“The best way to save your site from this issue is to get access to Google Webmaster Tools and verify your website, configure notifications and alerts to arrive to an email you regularly check.”
If a site is verified on Google how do this protect tou from having your site hacked?
Good bit of info by the way Jill; thanks for keeping us informed on this stuff.
April 18, 2012 at 1:29 pm #823640
voodoomanMemberToday when browsing through Google Webmaster I noticed I had this warning “Notice of Suspected Hacking” for one of my sites.
One of my non gambling WordPress sites has been hacked. My NOD32 Antivirus blocked a threat called JS/Kryptik.LU trojan when visiting any page on this site. It must have placed a cookie as it would only do it once.
So I uploaded a plugin called WP Security Scan which helped me secure my site. I also signed up for a free beta account at Website Defender. They scanned my account and found two possible malicious files:
wp-content/plugins/oiopub-direct/include/fusion.php
wp-content/avatars/lightwindow.phpThese files had some seriously suspicious code in them. I’ve deleted them and my site seems to be fine for now. Keeping my fingers crossed.
April 18, 2012 at 3:25 pm #823646Anonymous
Inactive@ixian 238767 wrote:
Today when browsing through Google Webmaster I noticed I had this warning “Notice of Suspected Hacking” for one of my sites.
One of my non gambling WordPress sites has been hacked. My NOD32 Antivirus blocked a threat called JS/Kryptik.LU trojan when visiting any page on this site. It must have placed a cookie as it would only do it once.
So I uploaded a plugin called WP Security Scan which helped me secure my site. I also signed up for a free beta account at Website Defender. They scanned my account and found two possible malicious files:
wp-content/plugins/oiopub-direct/include/fusion.php
wp-content/avatars/lightwindow.phpThese files had some seriously suspicious code in them. I’ve deleted them and my site seems to be fine for now. Keeping my fingers crossed.
On one of my sites the plugin said
“Change your database table prefix to mitigate zero-day SQL Injection attacks.”
Is this a very real threat?
April 18, 2012 at 3:33 pm #823647
winner.comMemberI got hacked 3 times in the last 2 months – if you are using cpanel make sure you click the -see hidden files – because that’s usually where they put the ‘bad stuff’ or f-up your htaccess file
Nothing that serious but still
April 19, 2012 at 3:55 am #823661Anonymous
Inactivealso make sure you enable brute force detection, I am amazed at how many attempts a day I get froim China, Russian, India and US at my server level.
April 20, 2012 at 12:10 am #823683Anonymous
Inactivethere is a hosting software vulnerability (e-commerce software, or something related) that permits to modify .htaccess file, I moved my mobi sites from webhosting uk because of this, (thanks it was for mobi, because they redirected just mobile and spider traffic, so you can have this for years on server) Have contacted the hosting – but they found the problem after 3 months.
-
AuthorPosts