Results 1 to 9 of 9
  1. #1

    Phishing from my site

    I had a website with a hosting company and someone hacked the site and did some phishing of paypal and ebay informed the host and they took my site down. All this happend before i could do anything.
    Please advice what i should do. Is there any legal issues ?
    should i contact ebay ? how ?
    I am not from us.
    I am really in trouble and need your help urgently
    Thanks

  2. #2
    Join Date
    Apr 2001
    Location
    Paradise
    Posts
    11,868
    Hi
    Ask to your host about what they used to send pishing, probably is an insecure formmail on your site that you should remove/update.
    Shared Web Hosting - Reseller Hosting - Semi-Dedicated Servers - SolusVM/XEN VPS
    LiteSpeed Powered - R1Soft Continuous Data Protection - 24/7 Chat/Email/Helpdesk Support
    Cpanel/WHM - Softaculous - R1soft Backup - Litespeed - Cloudlinux -Site Builder- SSH support - Account Migration
    DowntownHost LLC - In Business since 2001- West/Center/East USA - Netherlands - Singapore

  3. #3
    Join Date
    Apr 2003
    Location
    NC
    Posts
    3,080
    Chances are probably not because it is so common, especially if you didn't put the phishing site up (which you obviously didn't). You were probably exploited via some php scripts you run on your server.

    Your host will most likely keep a backup of the information incase the Feds come asking later. Everything should be well documented.
    John W, CISSP, C|EH
    MS Information Security and Assurance
    ITEagleEye.com - Server Administration and Security
    Yawig.com - Managed VPS and Dedicated Servers with VIP Service

  4. #4
    Thank you so much for your advice. I feel a little bit ok now. I was really scared because i do not have that kind of knowledge to do phishing even i do not have that kind of knowledge to protect it either.

  5. #5
    This is usually the pishing scam authors, take advantage of the common internet user.

  6. #6
    Join Date
    Apr 2003
    Location
    NC
    Posts
    3,080
    While you are not completely out of the water lets just say the phishing is VERY common and getting exploited via a php script happens all the time.
    John W, CISSP, C|EH
    MS Information Security and Assurance
    ITEagleEye.com - Server Administration and Security
    Yawig.com - Managed VPS and Dedicated Servers with VIP Service

  7. #7
    yeah, I know its really getting out of hand

  8. #8
    Join Date
    Nov 2003
    Location
    UK
    Posts
    174
    Phising as its recently been called is nothing new and its not going anywhere anytime soon,

    You wont be in trouble with ebay or paypal
    All you need to do now is get in contact with your webhosting provider and find out if they are able to obtain a list of recorded IP addresses from FTP logs involving your account, check these against your IPs and anyone else with legal access to your FTP, and also find out how the hackers were able to gain access to your website, If possible you could list what you run here and we can check for you..
    ie, Forum (type/version), Gallerys, Blogs, and other PHP Scripts etc..
    as with the increase of RFI's(Remote File Include Vulnerbilities) its more likely that its an insecure PHP script you are using which they have gained access through

    So just find out how they got in, patch it, and sort out any damage they done to your site,

    Its very very unlikely that you will be in any real trouble from this because as people have said..
    its becoming a very very common thing.

  9. #9
    Quote Originally Posted by InfoH
    Phising as its recently been called is nothing new and its not going anywhere anytime soon,

    You wont be in trouble with ebay or paypal
    All you need to do now is get in contact with your webhosting provider and find out if they are able to obtain a list of recorded IP addresses from FTP logs involving your account, check these against your IPs and anyone else with legal access to your FTP, and also find out how the hackers were able to gain access to your website, If possible you could list what you run here and we can check for you..
    ie, Forum (type/version), Gallerys, Blogs, and other PHP Scripts etc..
    as with the increase of RFI's(Remote File Include Vulnerbilities) its more likely that its an insecure PHP script you are using which they have gained access through

    So just find out how they got in, patch it, and sort out any damage they done to your site,

    Its very very unlikely that you will be in any real trouble from this because as people have said..
    its becoming a very very common thing.
    exactly what I was going to say

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •