Timber Floor Au

Hi guys, remember the thread I did, about 6 weeks+ ago, regarding some knob head hacking our site, and well wreaking havoc?

We contracted a guy to go thru every bit of code, he has just finished, and given us the results. He was astonished at how devious these hackers are, and had never seen such a blatant cheeky possibly unknown and vastly un-published method of hacking.

Now to reiterate the story.

Some guy was getting our results for his cloned site, of one of ours. It was happening every time we were spidered, and we couldnt nor could our google rep, understand how, our ranks and sep's getting juggled with almost clinical occurence... it was a real bummer..

Not just on cost , but also heart breaking .

Well heres the result, and I for one will not be posting the encrypted or decrpted code this toe rag used, for fear of copycats, using it to do nasty things !!

But in essence...

robots.txt !!!!!!!!!!!!

We found a encrypted patch within our robots file, which when decrypted, pointed the spiders, for googlebot, inktomi, msn,slurp etc to this other persons site !!!

Sounds so bleeding obvious now huh !!

That and a one line include, php code.. was all that was needed for this dick. to do what he did.

We caught him, cos we set up a spare website, with exzact same code as the site he HAD hacked. and left it sitting there, soon as the site was changed a trigger was set, and then the arduous task of finding what files were changed... began.

We couldnt ( fella who did it for us ) ascertain what file had been changed, cos within the script, it pointed to a file date change hack, which juggled all file ( last update ) to TODAYS date, presumably to beat the xml sitemapping, for most recent update, to allure a new spider of the site, which re affirms, the hack.. and so compounded our issue.

The matter will now be passed to our solicitors, and hopefully, at the least we can shut this guy down !!

So anyone out there, be aware..

Sorry to bore those who aint into this stuff, but its a serious loophole.

Ste

asher

glad you got the person responsible good luck with sueing the pants off him

Timber Floor Au

LOL cheers, I seriously doubt we will get recompense, millenium copyright infringement enforcement is a MINEFIELD !So will be happy just to close him down....

We know his regular haunts ( server hosts ) so are contacting them all, as we have used all of them at one point or another over the years.

Ste

asher

do you actually have a name and face? or just an IP? closing him down is good but really you should get some recompense for all the grief he's given you and it must have cost you a bit too

Timber Floor Au

Cost approx $nearly 3 figures k !

No name no face, just his server details, and website , he has lodged private details, on domains. We will get him

asher

Good luck mate.

Mrs Jackaroo

Jesus Christ Ste! Like you say, sounds so simple now. Knowing where to look in the first place is the key though isnt it.

Glad you've finally get it sorted - must be a big weight off your shoulders.

mark 'n' joe

Well youve totally confused me with spiders etc but get the jist that you have found your hacker Hope he gets what he deserves. Good luck

Joex

Gobbledegeek

So are there any preventative measures that can be taken?

Glad to hear you've cornered the git though.

weez75

mmmmh?

eeer well done i guess

Timber Floor Au

DMCA emailed today...

lol they make me bloody laugh !!!!!

We cited, 1,900 areas of copyright infirngement.
You have to list every single instance of copyright infringement or thefy etc. Inc url, code, markup, file type and name etc etc etc

We even showed them, he was actually, using our google publisher account on over 45 pages.... he had copied entire code, including advertisers, and so hadnt changed google code !! Which we could have been banned for ! Which is of course all sorted... nonetheless.. we also demonstrated, flash and image files, with our copyright watermarks on, that are on HIS site.

We also, had our acct manager in Sydney , from Google, and acct manager from ( 2 other media sources ) include server transcript, proving fraudulent copyright infringement

Their response.

Unfortunately, you have demonstrated insufficient information, to allow us to pursue this matter.

Bless them !!!

asher

what!!

think you made a typo there shouldn't that have been bomb them

Hutch

Woah - nasty. Don't run cPanel on your server by any chance, do you?

gillysm

OMG don't understand any of that but what happens now? Can you still pursue him or do you have to try and find some other evidence that they will believe?
I'll have to speak to Rach so she can explain this to me in simple terms! Mrs Jackeroo where are you???

graz79

Glad you got it sorted.

While we do not want the code being put on a public forum for any other scumbags to leach any symptoms we can look for or preventative measures to take to avoid the same fate.