Results 1 to 22 of 22
  1. #1
    Join Date
    Feb 2006
    Location
    India
    Posts
    858

    [[[My]]] Cpanel hacked

    When I try to access my CPanel, I get the following error message
    r00t-x...here ]


    your Security...Get DoWn


    sorry ..





    YOU ARE OWNED!

    #my Email
    :: Members::
    HaCkeR Al-MaDiNaH~_~eVil CeLL


    Is it a problem with my account, or a server problem. Is there anything I can do to prevent this problem? Mods please remove anything which is not as per TOS

  2. #2
    Join Date
    Apr 2007
    Location
    Massachusetts
    Posts
    484
    Is this a reseller package, shared package, VPS, or dedicated server.

    If its shared or reseller contact your host. If its a MANAGED VPS or dedicated server contact your host. If its unmanaged contact a systems admin to fix it.

  3. #3
    Join Date
    Feb 2006
    Location
    India
    Posts
    858
    It is a shared hosting package

  4. #4
    Join Date
    Apr 2007
    Location
    Massachusetts
    Posts
    484
    You must contact your host then.

  5. #5
    Join Date
    Feb 2006
    Location
    India
    Posts
    858
    Usually, how long does it take to fix this problem?

  6. #6
    Join Date
    Apr 2007
    Location
    Massachusetts
    Posts
    484
    Thats something your host will tell you, not WHT. Sorry

  7. #7
    if this helps ... just type r00t-x in google and see how many sites got hacked by him ...

  8. #8
    Join Date
    May 2006
    Location
    San Francisco
    Posts
    7,200
    It's unfortunate that your server was hacked. Hopefully, your provider has a plan for events like this. Do you mind revealing the name of your provider?

  9. #9
    Join Date
    Feb 2006
    Location
    India
    Posts
    858
    Thousands of sites seem to be hacked, I'm giving the host some time to take action .

  10. #10
    Join Date
    Nov 2002
    Location
    Lakeport CA, Clear Lake
    Posts
    1,856
    Do you mind revealing the name of your provider?
    If it's his Domain Registration site, it appears to be with Site5 according to the who is.
    Everyone is entitled to MY opinion.
    CatfishEd.com

  11. #11
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    Those machines have been insecure for a while now, I remember doing scans on them a while back. They haven't cleaned up either.

    Its a shame seeing these fairly large income online businesses getting hacked - So little funding put towards security.
    DigitalGoods.info
    FREE Shared, Mega Resellers + Dedicated Servers

  12. #12
    Join Date
    Feb 2006
    Location
    India
    Posts
    858
    No, this is not related to domain registration, these are completely different websites.

  13. #13
    Quote Originally Posted by LoganNZ View Post
    Those machines have been insecure for a while now, I remember doing scans on them a while back. They haven't cleaned up either.

    Its a shame seeing these fairly large income online businesses getting hacked - So little funding put towards security.
    Its there fault for not doing some basic server hardening.

    How hard can it be theres Tutorials for it.

  14. #14
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,911
    I hate to say it but things like this do happen. I hope your host has a backup!

  15. #15
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    Quote Originally Posted by feomateo View Post
    Its there fault for not doing some basic server hardening.

    How hard can it be theres Tutorials for it.
    yeah, sometimes I find it hard to believe : Customer asks us to install APF... ( How many tuts are there out on the net?! )

    Seriously, it isn't hard to secure a server and know BEFORE you get hacked. All the servers i monitor have IDS systems or honeypots in place, so I know when the hacker/kid is attempting to gain access.

    These servers are in a bad way, 2 years out of date?

    However, big uptimes and medium quality support. ( Due to no reboots or configs being set to orig/default via cp scripts )

    "Ignorance of security, Will kill you and your Business."
    DigitalGoods.info
    FREE Shared, Mega Resellers + Dedicated Servers

  16. #16
    Was cpanel defaced, or the website? Are you saying your site was fine, but logging in to cpanel showed that page?

  17. #17
    Join Date
    Feb 2006
    Location
    India
    Posts
    858
    Cpanel was defaced, could not login at all. The index files were replaced , the host had a backup and I also have one.

  18. #18
    Join Date
    Jan 2008
    Posts
    384
    its great if you and your host have backup. i think hacker effect all of server accounts.

  19. #19
    Join Date
    Nov 2001
    Location
    Philadelphia, Pa
    Posts
    949
    How hard can it be theres Tutorials for it.
    Not to stick up for whatever host it was that got defaced, but server security is a constant struggle that there's no all-inclusive tutorial for, which your post seems to imply.

  20. #20
    Join Date
    Dec 2003
    Location
    Chicago, IL
    Posts
    169
    Like it's been said before, I'd recommend speaking with your hosting provider -- you might not have been the only one affected by this issue.

  21. #21
    Join Date
    Aug 2004
    Location
    Canada
    Posts
    3,582
    Quote Originally Posted by derek.bodner View Post
    Not to stick up for whatever host it was that got defaced, but server security is a constant struggle that there's no all-inclusive tutorial for, which your post seems to imply.
    I have to agree with you there. In this case it was probably not a 0-day exploit. However several big hosts had customer sites defaced recently by that 0-day exploit a while ago that affected quite a few kernels.
    Tony B. - Chief Executive Officer
    Hawk Host Inc. Proudly serving websites since 2004
    Quality Shared and VPS Hosting
    PHP 5.3.x & PHP 5.4.x & PHP 5.5.X & PHP 5.6.X & PHP 7.0.X Support!

  22. #22
    Join Date
    Nov 2001
    Location
    Philadelphia, Pa
    Posts
    949
    if somebody got hit by that kernel exploit and only got defaced, they should consider themselves very lucky.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •