Remember our hacker ? ( website )
Hi guys, remember the thread I did, about 6 weeks+ ago, regarding some knob head hacking our site, and well wreaking havoc?
We contracted a guy to go thru every bit of code, he has just finished, and given us the results. He was astonished at how devious these hackers are, and had never seen such a blatant cheeky possibly unknown and vastly un-published method of hacking. Now to reiterate the story. Some guy was getting our results for his cloned site, of one of ours. It was happening every time we were spidered, and we couldnt nor could our google rep, understand how, our ranks and sep's getting juggled with almost clinical occurence... it was a real bummer.. Not just on cost , but also heart breaking . Well heres the result, and I for one will not be posting the encrypted or decrpted code this toe rag used, for fear of copycats, using it to do nasty things !! But in essence... robots.txt !!!!!!!!!!!! We found a encrypted patch within our robots file, which when decrypted, pointed the spiders, for googlebot, inktomi, msn,slurp etc to this other persons site !!! Sounds so bleeding obvious now huh !! That and a one line include, php code.. was all that was needed for this dick. to do what he did. We caught him, cos we set up a spare website, with exzact same code as the site he HAD hacked. and left it sitting there, soon as the site was changed a trigger was set, and then the arduous task of finding what files were changed... began. We couldnt ( fella who did it for us ) ascertain what file had been changed, cos within the script, it pointed to a file date change hack, which juggled all file ( last update ) to TODAYS date, presumably to beat the xml sitemapping, for most recent update, to allure a new spider of the site, which re affirms, the hack.. and so compounded our issue. The matter will now be passed to our solicitors, and hopefully, at the least we can shut this guy down !! So anyone out there, be aware.. Sorry to bore those who aint into this stuff, but its a serious loophole. Ste |
Re: Remember our hacker ? ( website )
glad you got the person responsible good luck with sueing the pants off him :thumbsup:
|
Re: Remember our hacker ? ( website )
Originally Posted by asher
(Post 6080702)
glad you got the person responsible good luck with sueing the pants off him :thumbsup:
We know his regular haunts ( server hosts ) so are contacting them all, as we have used all of them at one point or another over the years. Ste |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6080715)
LOL cheers, I seriously doubt we will get recompense, millenium copyright infringement enforcement is a MINEFIELD !So will be happy just to close him down....
We know his regular haunts ( server hosts ) so are contacting them all, as we have used all of them at one point or another over the years. Ste |
Re: Remember our hacker ? ( website )
Originally Posted by asher
(Post 6080730)
do you actually have a name and face? or just an IP? closing him down is good but really you should get some recompense for all the grief he's given you and it must have cost you a bit too
No name no face, just his server details, and website , he has lodged private details, on domains. We will get him :) |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6080757)
Cost approx $nearly 3 figures k !
No name no face, just his server details, and website , he has lodged private details, on domains. We will get him :) |
Re: Remember our hacker ? ( website )
Jesus Christ Ste! Like you say, sounds so simple now. Knowing where to look in the first place is the key though isnt it.
Glad you've finally get it sorted - must be a big weight off your shoulders. :) |
Re: Remember our hacker ? ( website )
Well youve totally confused me with spiders etc:unsure: but get the jist that you have found your hacker Hope he gets what he deserves. Good luck
Joex |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6080686)
*snip*
So anyone out there, be aware.. Sorry to bore those who aint into this stuff, but its a serious loophole. Ste Glad to hear you've cornered the git though. |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6080686)
Some guy was getting our results for his cloned site, of one of ours. It was happening every time we were spidered, and we couldnt nor could our google rep, understand how, our ranks and sep's getting juggled with almost clinical occurence... it was a real bummer.. Well heres the result, and I for one will not be posting the encrypted or decrpted code this toe rag used, for fear of copycats, using it to do nasty things !! We found a encrypted patch within our robots file, which when decrypted, pointed the spiders, for googlebot, inktomi, msn,slurp etc to this other persons site !!! cos within the script, it pointed to a file date change hack, which juggled all file ( last update ) to TODAYS date, presumably to beat the xml sitemapping, for most recent update, to allure a new spider of the site, which re affirms, the hack.. and so compounded our issue. Ste :blink:mmmmh?:confused::blink::blink: eeer well done i guess:blink::blink: |
Re: Remember our hacker ? ( website )
DMCA emailed today...
lol they make me bloody laugh !!!!! We cited, 1,900 areas of copyright infirngement. You have to list every single instance of copyright infringement or thefy etc. Inc url, code, markup, file type and name etc etc etc We even showed them, he was actually, using our google publisher account on over 45 pages.... he had copied entire code, including advertisers, and so hadnt changed google code !! Which we could have been banned for ! Which is of course all sorted... nonetheless.. we also demonstrated, flash and image files, with our copyright watermarks on, that are on HIS site. We also, had our acct manager in Sydney , from Google, and acct manager from ( 2 other media sources ) include server transcript, proving fraudulent copyright infringement Their response. Unfortunately, you have demonstrated insufficient information, to allow us to pursue this matter. Bless them !!! |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6086202)
DMCA emailed today...
lol they make me bloody laugh !!!!! We cited, 1,900 areas of copyright infirngement. You have to list every single instance of copyright infringement or thefy etc. Inc url, code, markup, file type and name etc etc etc We even showed them, he was actually, using our google publisher account on over 45 pages.... he had copied entire code, including advertisers, and so hadnt changed google code !! Which we could have been banned for ! Which is of course all sorted... nonetheless.. we also demonstrated, flash and image files, with our copyright watermarks on, that are on HIS site. We also, had our acct manager in Sydney , from Google, and acct manager from ( 2 other media sources ) include server transcript, proving fraudulent copyright infringement Their response. Unfortunately, you have demonstrated insufficient information, to allow us to pursue this matter. Bless them !!! think you made a typo there shouldn't that have been bomb them :rofl: |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6080686)
But in essence...
robots.txt !!!!!!!!!!!! We found a encrypted patch within our robots file, which when decrypted, pointed the spiders, for googlebot, inktomi, msn,slurp etc to this other persons site !!! |
Re: Remember our hacker ? ( website )
OMG don't understand any of that but what happens now? Can you still pursue him or do you have to try and find some other evidence that they will believe?
I'll have to speak to Rach so she can explain this to me in simple terms! Mrs Jackeroo where are you??? |
Re: Remember our hacker ? ( website )
Glad you got it sorted.
While we do not want the code being put on a public forum for any other scumbags to leach any symptoms we can look for or preventative measures to take to avoid the same fate. |
Re: Remember our hacker ? ( website )
Yup , robots.txt and .htaccess are pretty powerful and often overlooked.
|
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6086202)
DMCA emailed today...
lol they make me bloody laugh !!!!! We cited, 1,900 areas of copyright infirngement. You have to list every single instance of copyright infringement or thefy etc. Inc url, code, markup, file type and name etc etc etc We even showed them, he was actually, using our google publisher account on over 45 pages.... he had copied entire code, including advertisers, and so hadnt changed google code !! Which we could have been banned for ! Which is of course all sorted... nonetheless.. we also demonstrated, flash and image files, with our copyright watermarks on, that are on HIS site. We also, had our acct manager in Sydney , from Google, and acct manager from ( 2 other media sources ) include server transcript, proving fraudulent copyright infringement Their response. Unfortunately, you have demonstrated insufficient information, to allow us to pursue this matter. Bless them !!! I have absolutely no idea what you've been banging on about other than some shit has been hacking into your sites, but have you now been able to block it so it can't happen again? |
Re: Remember our hacker ? ( website )
If it makes you feel better Trend Micro (anti virus producer) got hacked and malware placed on their website.
http://www.sophos.com/security/blog/2008/03/1186.html
Originally Posted by Timber Floor Au
(Post 6080686)
Hi guys, remember the thread I did, about 6 weeks+ ago, regarding some knob head hacking our site, and well wreaking havoc?
We contracted a guy to go thru every bit of code, he has just finished, and given us the results. He was astonished at how devious these hackers are, and had never seen such a blatant cheeky possibly unknown and vastly un-published method of hacking. Now to reiterate the story. Some guy was getting our results for his cloned site, of one of ours. It was happening every time we were spidered, and we couldnt nor could our google rep, understand how, our ranks and sep's getting juggled with almost clinical occurence... it was a real bummer.. Not just on cost , but also heart breaking . Well heres the result, and I for one will not be posting the encrypted or decrpted code this toe rag used, for fear of copycats, using it to do nasty things !! But in essence... robots.txt !!!!!!!!!!!! We found a encrypted patch within our robots file, which when decrypted, pointed the spiders, for googlebot, inktomi, msn,slurp etc to this other persons site !!! Sounds so bleeding obvious now huh !! That and a one line include, php code.. was all that was needed for this dick. to do what he did. We caught him, cos we set up a spare website, with exzact same code as the site he HAD hacked. and left it sitting there, soon as the site was changed a trigger was set, and then the arduous task of finding what files were changed... began. We couldnt ( fella who did it for us ) ascertain what file had been changed, cos within the script, it pointed to a file date change hack, which juggled all file ( last update ) to TODAYS date, presumably to beat the xml sitemapping, for most recent update, to allure a new spider of the site, which re affirms, the hack.. and so compounded our issue. The matter will now be passed to our solicitors, and hopefully, at the least we can shut this guy down !! So anyone out there, be aware.. Sorry to bore those who aint into this stuff, but its a serious loophole. Ste |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6086202)
Unfortunately, you have demonstrated insufficient information, to allow us to pursue this matter.
|
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6080686)
Hi guys, remember the thread I did, about 6 weeks+ ago, regarding some knob head hacking our site, and well wreaking havoc?
We contracted a guy to go thru every bit of code, he has just finished, and given us the results. He was astonished at how devious these hackers are, and had never seen such a blatant cheeky possibly unknown and vastly un-published method of hacking. Now to reiterate the story. Some guy was getting our results for his cloned site, of one of ours. It was happening every time we were spidered, and we couldnt nor could our google rep, understand how, our ranks and sep's getting juggled with almost clinical occurence... it was a real bummer.. Not just on cost , but also heart breaking . Well heres the result, and I for one will not be posting the encrypted or decrpted code this toe rag used, for fear of copycats, using it to do nasty things !! But in essence... robots.txt !!!!!!!!!!!! We found a encrypted patch within our robots file, which when decrypted, pointed the spiders, for googlebot, inktomi, msn,slurp etc to this other persons site !!! Sounds so bleeding obvious now huh !! That and a one line include, php code.. was all that was needed for this dick. to do what he did. We caught him, cos we set up a spare website, with exzact same code as the site he HAD hacked. and left it sitting there, soon as the site was changed a trigger was set, and then the arduous task of finding what files were changed... began. We couldnt ( fella who did it for us ) ascertain what file had been changed, cos within the script, it pointed to a file date change hack, which juggled all file ( last update ) to TODAYS date, presumably to beat the xml sitemapping, for most recent update, to allure a new spider of the site, which re affirms, the hack.. and so compounded our issue. The matter will now be passed to our solicitors, and hopefully, at the least we can shut this guy down !! So anyone out there, be aware.. Sorry to bore those who aint into this stuff, but its a serious loophole. Ste Lau x |
Re: Remember our hacker ? ( website )
Cheers Guys.
Yeppers Linux.. and Fantastico !!! ( so cPanel ) Good point regarding htaccess Data ! Because of security vulnerabilities, within php we have had to mod(j)ify htacces .. i say wee.. lol thats a lie, someone else has done that, spotty teenage buggers lolol Ste |
Re: Remember our hacker ? ( website )
well done for all of that, just reading it impressed me.....
seriously though glad you were able to track the little s*** down! Ems x |
Re: Remember our hacker ? ( website )
Originally Posted by Timber Floor Au
(Post 6105473)
Cheers Guys.
Yeppers Linux.. and Fantastico !!! ( so cPanel ) Good point regarding htaccess Data ! Because of security vulnerabilities, within php we have had to mod(j)ify htacces .. i say wee.. lol thats a lie, someone else has done that, spotty teenage buggers lolol Ste |
Re: Remember our hacker ? ( website )
Originally Posted by Hutch
(Post 6106083)
There are a number of serious cPanel exploits out there. We have our own co-located box in Telehouse London and would never allow cPanel near it. :)
|
Re: Remember our hacker ? ( website )
Originally Posted by datamile
(Post 6106145)
cpanel is not that bad, get far more hacks from Vbulletin , CMS modules, and bad mailform apps.
I agree, VB and especially, some of the very well known CMS apps. such as mambo, joomla, and the eccommerce stuff too. Ste |
Re: Remember our hacker ? ( website )
I've been wondering what the outcome of this was... glad to know you've nailed the problem and can start working on a fix. Now if only you could nail the nasty little s**t who did it :sneaky:
|
Re: Remember our hacker ? ( website )
Originally Posted by ridds
(Post 6107293)
I've been wondering what the outcome of this was... glad to know you've nailed the problem and can start working on a fix. Now if only you could nail the nasty little s**t who did it :sneaky:
Moreso, is the fact most legals, dont touch internet stuff, as the provision and accesability of publicly available sites, pages content and docs, is so hard to enforce. Just look at DVD piracy, and the number of ppl who copy sell and trade in pirate dvd' films.. and the policing and posecution, soon realises the fact, prosecution, over site cloning, theft, and hacking.. is very very complex laborious and complicated. We are still working towards, getting the little shit... but its took 3 years to get to this point, without legal help, so im under no illusion, it will be anything sooner than 5+ years to pursue him, for financial loss/claim. Ste |
Re: Remember our hacker ? ( website )
Originally Posted by Gobbledegeek
(Post 6084440)
So are there any preventative measures that can be taken?
Glad to hear you've cornered the git though. |
Re: Remember our hacker ? ( website )
So how did he get to change the robots file :confused:
|
All times are GMT -12. The time now is 7:19 pm. |
Powered by vBulletin: ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.