Oct 092006
 

Ok, you maybe noticed the downtime of my webpage and maybe you also were confused that you only were able to find my weblog on my homepage, but my ISP was hacked by a hacker group called “Spykids Group”. I spoke with Kangaroo today and he told me that the group hacked into their webservers by using a security hole in PHP. Because of that they reinstalled their servers with a newer version of Plesk and RedHat Enterprise Linux.
Well, after they had the hard work done, I had to have a look at all of my files on my webpage, because they replaced all index* and log* files with their own files. Because comparing all the files would take to long time I decided to reinstall the complete content management system with it’s plugins and this task is finished right now. Currently I am thinking on how to do a automatical backup of my homepage (e.g. via Cronjob with Linux), but I am not yet sure which is the best way to do that. Anyway, let’s hope that this will never happen again.
Btw, this is the index.html file which they placed in nearly every directory:

hackednews-300px

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close