Results 1 to 4 of 4
November 1st, 2008, 05:01 PM #1Is there a connection between databases and malicious software?
OK, maybe someone with a better understanding of how this stuff works can help me.
A few weeks ago I posted that my databases had been almost entirely wiped out. The databases belonged to different sites but were all under the same hosting account. Last week, I posted that Google had blocked my account because someone had installed badware on my site, a wordpress site. I have since removed that site and reinstalled a fresh version of WP. I got the all-clear from Google in about 2 days, on Oct. 25.
I just received this email from my web host:
We have received complaints of a phishing site being hosted on your site as referenced above. Upon inspection, we found that a phishing site had been installed on your account. The vast majority of phishing sites are installed by malicious users who have found exploits in scripts previously (and legitimately) installed on the account. We have taken the above actions to prevent further malicious activities. Please make sure to update your password to something more secure at this point and to update all the scripts/plugins on your account to the latest version.
What steps do I need to take now? The email states that they have taken the above actions, however no actions were included in the email. They gave me the url of the phishing site and it is (or rather, was) located in the main site on the account. Can this affect the subdomains? Could this be what wiped out my databases? And, what do I do now?
Sorry for all the questions, I'm just not sure what to do. Thanks for any and all suggestions.
November 1st, 2008, 06:02 PM #2
- Join Date
- January 18th, 2005
- jacked by sylon www.sylonddos.weebly.com
Why don't you call your host and ask them what you need to do??
November 1st, 2008, 06:10 PM #3
- Join Date
- October 11th, 2008
1) The host could have bad security on the particular server your on.
2) The version of WP, any plugins, etc. could have a security flaw
3) Your passwords may have been stolen
You need to....
1) Pull the sites, change the passwords, have the host create a NEW account on a DIFFERENT server with DIFFERENT passwords.
2) Research the WP Changelogs/Security Warnings/Issues and upgrade if needed
3) Research any plugins you use for Security Warnings/Issues and upgrade if needed
4) Rebuild the site from scratch (i.e. new empty database) with a new and much more complex password
Most often I've seen this sort of thing with autoresponders, form submission, comment submission, etc. And almost always with a plugin. But did have a couple incidents with people over the years that left their SQL ports open, no passwords on their databases, etc. as well.
November 1st, 2008, 06:34 PM #4
- Join Date
- September 7th, 2007
- Cuautitlán, Edo. de México
By bettylou in forum Midnight Cafe'Replies: 23Last Post: October 29th, 2008, 08:27 AM
By wireninja in forum eBay Partner NetworkReplies: 4Last Post: June 6th, 2008, 10:55 PM
By davester in forum Commission Junction - CJReplies: 7Last Post: January 13th, 2005, 03:11 PM