Results 1 to 39 of 39
  1. #1
    Join Date
    Jun 2003
    Location
    pa
    Posts
    64

    what to do when your host gets hacked?

    my site is showing some crap from a turkish hacker - the domain of the hosting company is hacked as well - so im not sure if sending an email is safe at this point. they are usually on aim but have not been for the last day and change... and ive sent them a PM through here.

    what do i do next?
    Randomn3ss.com None of the cool kids are doing it.

  2. #2
    Join Date
    Jul 2001
    Location
    .INdiana
    Posts
    2,451
    upload a fresh index page for starters.


    then upload your backup. and keep trying to contact your host.


    depending on the importance of your site, you might consider pointing your domain elsewhere till the webhost's site is fixed.

  3. #3
    Join Date
    Apr 2004
    Location
    Singapore
    Posts
    1,506
    I will give my host time to fix the problem as I have experience it a few time. Only some unimportant sites are hosted with other host while important sites are put on my own server.
    tanfwc
    Singapore Managed Colocation
    Singapore BGP Announcement

  4. #4
    Join Date
    Aug 2004
    Location
    AU
    Posts
    690
    May we know who is your hosting? That'll help other host seekers. Make sure you have backup otherwise you'll lose the files.

    You can find a different host if you don't feel comfortable to stay with your current host because of 'hacked'.

  5. #5
    Join Date
    Jun 2003
    Location
    pa
    Posts
    64
    the host is http://www.qubefactor.com/ - the site i have hosted w/ them is www.uploadpixels.com
    Randomn3ss.com None of the cool kids are doing it.

  6. #6
    You may be not sure about it, but i think it is also important to know, was it your host fault or your scripts fault?

  7. #7
    Join Date
    Jun 2003
    Location
    pa
    Posts
    64
    your right - it could have been mine - but 36 hours ago their site had the same splash screen up, now their site is not resolving at all.
    Randomn3ss.com None of the cool kids are doing it.

  8. #8
    Join Date
    Nov 2004
    Posts
    109
    A friend is hosted at qubefactor, and her site and qubefactor is down.

    Looks like everything at qubefactor is down. They're probably trying to secure the server and/or restore backups.

  9. #9
    I got a message from Qubefactor last evening stating that they will be ceasing operation as of 9/22/2006. Now to find another hosting site for a smalltime site like mine. Thank goodness I did a full backup the evening before they were hacked.

  10. #10
    Join Date
    Oct 2003
    Location
    Chattanooga
    Posts
    8,985
    azism:

    Glad to see you got a backup!
    Quite a few hosts these days are being exploited as they're not keeping their software up to date.
    David
    Web hosting by Fused — For businesses with more important things to do than worry about their hosting.

  11. #11
    Join Date
    Sep 2000
    Location
    Alberta, Canada
    Posts
    3,109
    Sorry to hear about your troubles and looks like 'qubefactor' is still not doing their Clients any favours. Recommending 'dreamhost' with their out-of-whack Hosting packages, could take people from frying pan into the fire.


    BTW, Hosters and/or Clients not keeping scripts uptodate is not the source of the problem. Even an uptodate script that is poorly coded can cause problems, with security or in other ways.

    Many Hosters and their Clients are having problems (such as site defacement) due to poor, Server-wide security. Many Hosters have had the security breached, of one or two accounts (i.e., hacker managed to upload a file) but good Server-wide security will prevent the majority of hacker files from running.

    If a Server is well secured then the Server does protect everyone.

    Unfortunately, we are going to see many more posts about Hosters or their Clients getting hacked, and by then it's too late. I seriously doubt we will see many post from people, about the good security provided by their Hoster protecting their account.
    PotentProducts.com - for all your Hosting needs
    Helping people Host, Create and Maintain their Web Site
    ServerAdmin Services also available

  12. #12
    Join Date
    Jun 2003
    Location
    pa
    Posts
    64
    wow... thats crappy - using a referal link to dream host...
    Randomn3ss.com None of the cool kids are doing it.

  13. #13
    Join Date
    Nov 2005
    Location
    Boston
    Posts
    816
    QubeFactor.com works for me, but it says they are ceasing operations as a hosting company. And they are telling everyone who is hosted with them to jump ship. The fact that they are using a referral link to dreamhost tells me they ran out of funding as a hosting company.
    Dimension Servers / Toll-Free: 1-888-750-6942
    RapidSSL Cert Included with ALL Reseller & Ultra Accounts
    24x7x365 Unbeatable Technical Support!
    Shared CPanel Hosting // Reseller WHM Hosting Solutions

  14. #14
    Join Date
    Oct 2003
    Location
    Chattanooga
    Posts
    8,985
    Quote Originally Posted by jmcallister
    The fact that they are using a referral link to dreamhost tells me they ran out of funding as a hosting company.
    Not exactly, no. They're simply optimizing their funds on the way out.
    I'd like to call it 'unprofessional' but at the same time they're making money off of it. Thus it's professional.

  15. #15
    Join Date
    Jun 2006
    Location
    East Coast // NYC
    Posts
    1,693
    If I was leaving, I'd do the same...you are in the business to make money aren't you? Its the same as selling your customers to another company.

  16. #16
    Join Date
    Sep 2000
    Location
    Alberta, Canada
    Posts
    3,109
    Well I would call it unprofessional and so would most other people that do good Business with their Clients.

    With 'qubefactor' allowing their own and their Client sites to be defaced, then giving what, 2 or 3 days notice they are shutting down, then trying to make a buck by telling their Clients to use a Referral link to another Hoster -- that's professional? Give me a break.

    That may be a way of doing (bad) Business but it's definitely not professional.
    PotentProducts.com - for all your Hosting needs
    Helping people Host, Create and Maintain their Web Site
    ServerAdmin Services also available

  17. #17
    Join Date
    Oct 2003
    Location
    Chattanooga
    Posts
    8,985
    Quote Originally Posted by Website Rob
    That may be a way of doing (bad) Business but it's definitely not professional.
    If you're using the word professional: Then yes, it is professional.
    Is it ethical? That all depends on how much research they did into dreamhost beforehand.

    If they're just in it for the buck than it may not be in the best interest for their clients. If they're honestly doing their best to be helpful and simply making a penny at the same time: Perhaps it was their best route to take at the time.

    Professional means to make money off something you do, basically. In this case they're doing just that.

    a person who earns a living in a sport or other occupation frequently engaged in by amateurs

    That describes the web hosting industry to a tee.
    David
    Web hosting by Fused — For businesses with more important things to do than worry about their hosting.

  18. #18
    Join Date
    Nov 2005
    Location
    Boston
    Posts
    816
    I disagree I think its terribly unprofessional. If you going out of business, do it with a bit of dignity.
    Dimension Servers / Toll-Free: 1-888-750-6942
    RapidSSL Cert Included with ALL Reseller & Ultra Accounts
    24x7x365 Unbeatable Technical Support!
    Shared CPanel Hosting // Reseller WHM Hosting Solutions

  19. #19
    Alot of times, a single website gets hacked because the user has not bothered to keeps their applications up-to-date as in not bothering to upgrade applications installed via Fantastico, and yet the server is not affected.

    We found afew sites on our servers hacked and we informed the user about it. It was because they did not bother to update their applications for a number of years even when its there, in plain site, a simple click to update, thats all it took. And our server was fine.

  20. #20
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    1: There are differant types of hacks, bots searching the net are usually a non event however some highly skilled hackers have used simple exploits to get into systems through holes created by software that was not up to date.

    2: There is no unhackable server, it's simply impossible to keep up with every single piece of software out there that might be on your servers in one of your customers accounts. We have to be right all of the time, they only have to be right once.

    3: At least 90% of us are at the mercy of our software vendors be it Cpanel, SwSoft, DirectAdmin, Webalizer, Fantastico, PHPBB, SMF, ect... We do everything that we can to be vigilant about security but when it comes down to it our vendors are the ones tasked with releasing patches and responding to vulnerability notifacations.

    We might not agree with sending customers to Dreamhost but at least he is offering an option for people who have no clue what to do at this point. I dont think it's so bad that he is making a little bit of money from his customers as a referal, He is keeping their services up until the 22nd. Most places I see in his situation are trying to sell their company as a whole (Very Shady).

    This is the nature of shared hosting guys, I really think that we need to start pushing customers towards VPS or dedicated Hosting, The market is way to low and we all have customers that think their 12.99/mo site is cnn.com.. I say if you require a level of service beyond a shared hosting environment we need to create that option. Sure it exists but in this cut throat market most clients are pushed over to a shared account in order to close the deal.

    I dont know how to do it at this point but if we dont start pushing this market back up to a reasonable profit level we will all suffer in the end. A webhost needs to be able to afford a spare server, a cluster, on demand security experts. Part of the problem is that we have every Tom Dick and Harry out there providing hosting services. Perhaps the problem is that so many WebHosts out there are not even real companies not that it's a big deal to go create an LLC... At least it would be something
    Last edited by Dave W; 09-05-2006 at 03:07 PM.

  21. #21
    Well, this may all be as it is, but I'm still being hung out to dry, so to speak.

    I am just a small fish in the ocean of websites. I am doing a niche website for the TI-99/4A Home Computer community. My files take up about 1GB, mainly because I archive old files for others to download. I never tracked page hits, but in 2-1/2 years I've only had about 18500 visitors. I don't do email accounts or ftp accounts. So I need to now find something that won't break the bank. I am just an individual doing something I love. This isn't a money maker by any means. It is hard finding a site to meet my needs on a shoestring budget.

  22. #22
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    Sorry, I didn't mean to turn your thread into my personal rant...

    I'll take care of you, check pm....
    Last edited by Dave W; 09-05-2006 at 07:48 PM.

  23. #23
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    oops, cant pm you..
    looks like your post count is too low.

    send me a pm when your post count gets to a level where you can pm.

  24. #24
    Join Date
    Sep 2000
    Location
    Alberta, Canada
    Posts
    3,109
    keepr, your last two posts look suspiciously like you are trying to PM azism with an offer for hosting -- which you know is not allowed.
    PotentProducts.com - for all your Hosting needs
    Helping people Host, Create and Maintain their Web Site
    ServerAdmin Services also available

  25. #25
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    Actually I felt bad about high-jacking his thread and his whole situation in general..

    I was going to "give" him a place to stick his website while he took his time looking for another host.

    That's all, no suspicious activity here.

  26. #26
    Join Date
    Sep 2000
    Location
    Alberta, Canada
    Posts
    3,109
    This thread was started by Mike Panic.
    PotentProducts.com - for all your Hosting needs
    Helping people Host, Create and Maintain their Web Site
    ServerAdmin Services also available

  27. #27
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    good point... to much coffee tto many threads.

  28. #28
    Join Date
    Aug 2006
    Location
    London
    Posts
    647
    All they had to do was clear out a few folders, and reset everyones htaccess files, and they would have been safe once updates where done...ah well
    █ Tech-Hosts
    https://www.tech-hosts.co.uk
    █ UK Shared Hosting, Reseller Hosting, VPS & Dedicated Servers

  29. #29
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    The attackers may have escalated their access which would mean that the server needs to be wiped and reloaded..

  30. #30
    Man this place where I had my free forum (Hostmycp.net) just shutdown all of sudden and I lost my forum too, I dun know why they did that!?

  31. #31
    Join Date
    Jun 2003
    Location
    pa
    Posts
    64
    i did a search a few days ago, on here for qubefactor's s/n... it seems that even as early as a few months ago he was looking to sell the site, but it wasn't going cheap, from what i recall (or a search onyour own) will show is that they were looking for around $4200 and posted the earnings generated over the last year.

    in regards to being a good business and professional, a professional web host would have found hosting for all clients, assisted in moving sites / databases and given the new nameserver info to the clients... not hung a sign on the front door that said, get your *ish out by the end of the week or its gone forever.
    Randomn3ss.com None of the cool kids are doing it.

  32. #32
    Join Date
    May 2006
    Posts
    54
    http://www.qubefactor.com/

    As of September 5th, 2006, QubeFactor will no longer be establishing new web hosting accounts as well as halting all current hosting operations due to reasons beyond our control. I deeply regret having to cease offering services, but unfortunately do not have any other options at this point. We will allow users to log into their accounts by FTP to retrieve data through September 22nd, 2006; however we will not be able to guarantee support of any kind. Beyond September 22nd, data will be terminated and no longer accessible. We will begin terminating billing subscriptions after September 22nd.
    that's harsh

    they should tell their server provider and get that hacker and sue him for that

    i'm sad for you man, get another host asap

    you will find much good reviews here in the forum

  33. #33
    I don't know if anyone has thought about reporting these instances of hacking to the FBI or not, but you should. I belong to InfraGard (http://www.infragard.net/) and was just discussing this with my assigned Special Agent. My host (QubeFactor) was for all practical purposes put out of business by this hacking incident. The turkish hacking was quite extreme. The FBI normally puts hacking low on its radar unless it does serious damage or it is widespread. From what I see here, it was very widespread.

    The FBI won't know how widespread until they start hearing from everyone affected, by both hosts and users. So, I am recommending everyone start calling their local FBI office and letting them know.

  34. #34
    Quote Originally Posted by keepr
    Actually I felt bad about high-jacking his thread and his whole situation in general..

    I was going to "give" him a place to stick his website while he took his time looking for another host.

    That's all, no suspicious activity here.
    I really appreciate your kind thoughts of help. I know that you were not trying to bypass the rules. For this I thank you.

    I have, however, located a new host (actually one who is a friend). Now all I have to do is get everyhting setup up again. Too bad it isn't as simple as doing a restore of the files. The rebuilding of the SQL databases is the biggest part.

  35. #35
    Mike Panic,

    I'm really sorry to hear of your troubles and it's always a shame to see a business fold like that, it also makes it look as if these guys are winning
    Did you have any FormMail scripts, and if so did you write them yourself or have a ready made one?
    It's just that quite often these are easily compromised and allow attackers to upload some nasty stuff.
    The name of the scripts can sometimes scream out (have a go at me) too.

  36. #36
    Join Date
    Oct 2005
    Posts
    53
    It’s really sad to see a business going down the drain. I have seen many hosts go out of business like this.
    EHOSTONE INC
    Ultimate Hosting Solution!
    http://reseller.ehostone.net

  37. #37
    Join Date
    Aug 2003
    Location
    East Coast
    Posts
    2,063
    yeah but when a host charges 20/year for hosting there is no way that they can afford to recover from a situation like this..

  38. #38
    I just hope everyone affected, hosts and usuers are contacting the FBI like I suggested so they will act on this one. It sure seems to have been a really far reaching attack which has impacted many of us. Who knows what they will do next if we don't do something.

  39. #39
    Join Date
    Aug 2006
    Posts
    50
    There are manny good hosting companies that QubeFactor.com clients can find out here in the forum or in google search.
    If my hosting company closed doors i wouldn´t follow any advice from them to join another company, i would prefer to look for some good hosting companies on my own.
    I think they aren´t completely correct in purposing another company with their promotional code.

    Regards,

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •