ADMINS - must change passwordGuys, things are getting worse with the hacker. It seems that the hacker is using sadgeezer.com to provide a website that is fraudulently trying to get unsuspecting peeps to part with their credit details :( . The hackers have placed a mini-website on sadgeezer.com that does just this - and they seem to be ableto access the site whenever they want! - this may also explain the large use of bandwidth recently :( . I'm trying to get my ISP to advise on what security measures I can take to fix this, but it seems that at the very leaset all admins should change their FTP or account passwords. I wont be doing anything until I hear from my ISP (it may be that they have not upgrade the latest security patch for PHP. [i]- HEADGE - it seems that when the hackers place files on the server, they inadvertantly change the displayCategory.php file !!![/i] If any of you use my password then please respond to this and I'll private you with the new pass. This just in: [quote]Dear Domain Administrator: Internet Identity has received information that the website address (URL), http://sadgeezer.com/html/modules/My_eGallery/public/Checking/security.a... which appears to be using a domain under your control, is an illegitimate website that attempts to mimic or "spoof" a SunTrust site. We are working on behalf of SunTrust to deactivate such fraud websites. The website attempts to collect personal financial information of visitors including credit card details. Based on our investigation it appears that the website is unauthorized and unrelated to SunTrust, and likely constitutes an improper attempt to obtain personal financial details of unsuspecting visitors. A practice also known as "phishing." The person or persons perpetuating this fraud are sending e-mail messages (spam) in large quantities in order to entice unsuspecting victims to go to that site to update credit details. We are recommending that you investigate this website as soon as possible. In order to protect innocent visitors to the site from being misled or injured, we request that you remove the pages associated with this fraudulent website. We would also request that you sequester any data related to this site for future investigation by law enforcement. This would include files, source code, and any data stored that is associated with it. It would also include any log entries of access to the server for the site, connections to upload or download data to the site, or records of the account being created. If you have any questions, please contact us by replying to this email or at the phone number listed below. We greatly appreciate your prompt attention to this matter. Please advise us regarding what actions you take. Thank you! [/quote]
|
Re:ADMINS - must change password
That would explain all of the weird bandwidth and pageviews that I couldn't attribute to anything lately.
I do use your ftp and control panel passwords. Routinely.
Since all these problems have something to do with the downlaods section. Could we remove that function from the site, WITHOUT DELETING ANY OF THE PICTURE FILES IN THAT DIRECTORY? Almost all of my reviews call picures stored in those directories. Somewhere around 200 reviews. It'd be too much effort to have to fix all that. It pains me to ask to do this, expecially since I'm so reliant on myegallery for review pictures. But since it seems that the problem lies within that module, it might have to be done.
Re:ADMINS - must change password
It might not come to that. I'm not sure that changing the password is necessary and I certainly wont be closeing the gallery unless I can prove in some wasy that the software is faulty.
It's most likely a pernmissions issue (attributes of files and directories). I'm looking into it with my ISP.
I'll report back when they have advised.
Re:ADMINS - must change password
Sorry, belated nose in.. I also use the sadgeez cpanel/FTP login when things go awry.
Re:ADMINS - must change password
Whelp!
It looks like the admin password change wasn't required after all. Touch wood, the hacker hassle seems to have been fixed.
You should still be able to access the admin areas (cpanel) and ftp using the old username and password.
if you have any hassle, just email me (emails should get through now since the spamkiller software seems to have cut around 98% of the junk emails I've been getting).