5 Replies Latest reply: Oct 3, 2013 10:06 AM by Photophart RSS

    How did my site get hacked?

    yanisworld Community Member

      Earlier this week, 7 sites on 3 different servers (Go-daddy, Lunar Pages, and another ) were allegedly hacked and blocked in Firefox, Chrome and Google search results.

       

       

      I use iObit and advanced system care to keep my pc clean. My pc, as scanned by these programs has no malware. I have over 40 sites in my Dreamweaver site definitions

       

       

      On 6 of the sites, I removed everything on the server, re-uploaded the sites and requested a review.

       

      On 1 of the sites, the hosting provider scanned the site and found nothing.

       

      On 1 of the sites, I did nothing and requested a review.

       

      All 7 sites were restored/unblocked.

       

       

      I've spent hour upon hour researching including but not limited to stopbadware.org and antiphishing.org and can't figure out how/why this happened and since my pc is allegedly clean,

      I am wondering:

      A) if there is a security hole in the Dreamweaver communications with Adobe.

      B) They were false Positives =( My webmaster tools currently say Google has not detected any malware on this site.)

       

       

      I've always practiced "safe computing" and don't know what else to do to prevent this from happening again.

       

      Has anyone else had a problem such as this recently?

        • 1. Re: How did my site get hacked?
          Jon Fritz II MVP

          Very likely B, or a problem with GoDaddy's server(s) and not your local machine.

          • 2. Re: How did my site get hacked?
            Nancy O. MVP

            Sites, especially popular ones, often become targets to hackers & robots who find vulnerabilities on the server or in your forms & scripts which allows them to inject malicious code into web pages.  I had this happen about 2 years ago on a  dedicated server.   Fortunately, the files on my local drive were clean so I was able to replace the remote site in a few hours.

             

            How did it happen?  According to the hosting company nothing was wrong at their end.  So we may never know exactly how the hackers got in.   The server hosted 5 sites at the time but only one site was hacked. 

             

            WordPress and other open source frameworks are especially attractive to hackers. If you use  PHP & MySql, take necessary security precautions.

             

            Use strong passwords for everything.  A minimum of 17 characters,  alpha-numeric, upper & lower, with symbols.  If you can remember your passwords, they're not strong enough.  Write them down.  And change your passwords regularly.

             

            Consider getting Secure Live which stops & blocks attackers IP addresses and sends them to the FBI's database.  https://www.securelive.com/

             

             

            Good luck!

             

            Nancy O.

            • 3. Re: How did my site get hacked?
              mytaxsite.co.uk MVP

              Your site was hacked, if at all it was hacked, is because you had a very bad password security system.  Any passwords less than 14 characters long (made up of letters- uppercase, lowercase and digits), is unsafe.

               

              All my passwords are now 16 characters long and made up of upper/lower characters and digits. This is changed every 6 weeks.

               

              Also, don't use the same password everywhere because if one site is hacked, all your sites are hacked!!!.  That's expected.  Yahoo has been hacked 3 times in the last 6 months and so they have been losing customers like BT - one of the biggest customers you can have in the UK.

              • 4. Re: How did my site get hacked?
                yanisworld Community Member

                Thank you to those who took the time and effort to answer.

                Based on the answers, I must not have phrased my question properly.

                 

                I believe that something got into my Dreamweaver files and took the passwords from there.  

                What I am questioning is:

                - is it an undected virus on my machine

                - A virus on one of the servers

                - An Adobe issue

                 

                I understand the point about passwords being cracked.

                 

                The 7 sites all had different passwords and usernames.  Two were straight up HTML with no JS or php at all.

                 

                As far as being popular sites - the average is 400 visitors a month with the highest being 1600 - I personally wouldn't call that popular

                 

                None of the sites were Wordpress or any other type of CMS.

                • 5. Re: How did my site get hacked?
                  Photophart Community Member

                  There are as many ways to hack a site as there are right handed programmers on earth. In my case my hosting company's entire group of servers was the victim of a defacement hack perpetrated from "within" the company. In other words a client with a site hosted on thoses servers correctly guessed an administrative password and globally replaced all index.html and index.php files on the server. Keep good backups locally.

                  PP