Results 1 to 22 of 22
  1. #1
    Action Jackson - King of the World
    Join Date
    January 18th, 2005
    Posts
    2,201
    Arrrrrrrgh Hijacked
    One of my sites was hijcked by a credit card company and now I have to do a complete backup of all my sites and do an OS Reboot. Someone give me some vodka!

  2. #2
    Moderator BurgerBoy's Avatar
    Join Date
    January 18th, 2005
    Location
    jacked by sylon www.sylonddos.weebly.com
    Posts
    9,618
    Talking
    Tell us which credit card company so we know not to do business with them.

    Vietnam Veteran 1966-1970 USASA
    ABW Forum Rules - Advertise At ABW

  3. #3
    Life is Supposed to be Fun! Rexanne's Avatar
    Join Date
    January 18th, 2005
    Location
    Los Angeles
    Posts
    12,360
    Yikes Jack ... sucks.

    Why would a CC company hijack your site? Is it an affiliate CC page?

    Here's some cheer:
    Peace,

    Rexanne

    Rexanne.com
    Loving Everyone's Child Creates Magic


  4. #4
    Action Jackson - King of the World
    Join Date
    January 18th, 2005
    Posts
    2,201

  5. #5
    Life is Supposed to be Fun! Rexanne's Avatar
    Join Date
    January 18th, 2005
    Location
    Los Angeles
    Posts
    12,360
    Quote Originally Posted by jackson992
    Eeeeeeeeeewwwwwwwwww that's nasty.

    What a shock it must be to see your site hijacked like that. *shudders at the thought*
    Peace,

    Rexanne

    Rexanne.com
    Loving Everyone's Child Creates Magic


  6. #6
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    So how does that work exactly? I don't understand why it's going to that page.

  7. #7
    Life is Supposed to be Fun! Rexanne's Avatar
    Join Date
    January 18th, 2005
    Location
    Los Angeles
    Posts
    12,360
    Quote Originally Posted by TrustNo1
    So how does that work exactly? I don't understand why it's going to that page.
    I thik someone took Jack's site URL and replaced (hijacked) it with that CC crap. It's horrifying to realize this can be done.
    Peace,

    Rexanne

    Rexanne.com
    Loving Everyone's Child Creates Magic


  8. #8
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Credit card for cybercriminals and overseas con-men
    Domain Name: MYGCARD.COM
    Registrar: GANDI
    Whois Server: whois.gandi.net
    Referral URL: http://www.gandi.net
    Name Server: DNS1.VALUEWEB.COM
    Name Server: DNS2.VALUEWEB.COM
    Name Server: DNS3.VALUEWEB.COM
    Status: REGISTRAR-LOCK
    Updated Date: 10-mar-2006
    Creation Date: 02-nov-2004
    Expiration Date: 02-nov-2009

    Operated by the Liberal socialist Frenchies they are the private registrar and host for terrorist sites, foreign e-mail scammers and the Euro trash and ME porn operators. Take your pick as to who gottcha!

    If they really did the nasty on you then call their stateside hosting company for the hidden details...
    Administrative Contact :
    Affinity Internet Inc.
    domainmanager@affinity.com
    3250 West Commercial Blvd.
    Suite 200
    Ft. Lauderdale, FL 33309
    US
    Phone: 954-334-8000
    Fax: 954-334-8001
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  9. #9

    Join Date
    June 7th, 2006
    Posts
    1,596
    Unbelievable.

  10. #10
    Full Member
    Join Date
    September 10th, 2005
    Posts
    369
    I don't understand how that works either. How could they hijack it? Do they figure out the registrar login and change the domain pointers.

  11. #11
    notary sojac Herb ԿԬ's Avatar
    Join Date
    January 18th, 2005
    Location
    Central/Western NY State
    Posts
    7,741
    if a domain isn't "locked," it is possible to claim ownership of it to the registrar, who is legally bound to turn it over. I don't know how much warning, if any, you get about it.

  12. #12
    Member SALocalcom's Avatar
    Join Date
    April 15th, 2005
    Location
    Marfa, TX
    Posts
    153
    I found an "iframe src=' on my root "index.htm" a while back. Didn't show in FrontPage, so I deleted it thru my file manager's html editor. I had a good password too, now it's a better one.
    Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin-1752[url="http://www.salocal.com/goldwing/goldwing_tech.htm"][/url]

  13. #13
    The Great Egress NewcastleB's Avatar
    Join Date
    January 19th, 2005
    Posts
    65
    It was probably on of those s*** for brains people that's always scanning sites. I had one really aggressive scanner come through today, got a bunch of 404's, but it came through. It was looking for everything from awstats.pl to data/protection.php to /admin/SignIn.php to /mambo/index2.php?option=com_content&do_pdf=1&id=1 and a bunch of others. After reading this post I got an idea. The scanners always request a non existent file before starting the scan. Today it was thisdoesnotexistahaha.php . They do this to confirm that your server is sending a proper 404 for files that don't exist. Every time I come across a scan, I'm going to create the nonexistent file it requests and put a spider trap in it. I'll just block them before they can scan my site.
    But are you still master of your domain?

  14. #14
    SEO: A Specialty - Web Design: Slow or outsourced andbeyond's Avatar
    Join Date
    June 18th, 2006
    Location
    The Call is coming from Inside the House!
    Posts
    1,332
    There is tons of links to affilate programs in all of those pages. If I was you and bored / pissed off I might after trying everything to get back the url control and notifying his hosting might start sending letters to the affiliate managers. Maybe they dont like to be associated with this type of person.

    Maybe when they review his account it might not look like such a good agreement. Some of those companies are pretty straight laced. This action might surprise them. Maybe they find that he is violating some part of the affiliate agreement.

    Not sure if I am just being vindictive. Any experience in this out there?

  15. #15
    ABW Ambassador Sheri's Avatar
    Join Date
    February 17th, 2005
    Location
    Kansas
    Posts
    531
    Wow. That kind of stuff scares me to death. When I saw the registrar name I had to think because I knew it sounded familiar. I saw a complaint about them just yesterday on another forum. I don't know if it is OK to post the link here but I'm going to give it a try because I think you need to see what it says. They may be also SPAMMING using your URL.

    Gandi Link

    I also found an old thread here that mentioned them as well.

    Gandi link from ABW

    Best of luck!

    Sheri

  16. #16
    Moderator leeann's Avatar
    Join Date
    January 18th, 2005
    Posts
    2,955
    Wow, I wonder if that is what is going on with one of my sites. It has been down for 10 hours now. It happened the same time I got an unremovable virus which looked for ftp files (all Greek to me).
    leeann


    Shoppers determine what has value and they like coupons. Stop manipulating who set the cookie just because you do not like coupon and promotional sites.

  17. #17
    Lite On The Do, Heavy On The Nuts Donuts's Avatar
    Join Date
    January 18th, 2005
    Location
    Winter Park, FL
    Posts
    6,930
    I'm not following this thread at all... tired from Aff Summit I guess...

    I saw the shopping-to... link and went there and don't understand the hijack complaint.

    If this is still an open issue, can someone splain it to me in simpler terms?

  18. #18

    Join Date
    June 7th, 2006
    Posts
    1,596
    Looks like Jackson got the site back.

    You missed it donuts.

  19. #19
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Sacramento, CA
    Posts
    1,263
    I was gonna say... that doesn't look like any credit card site I've ever seen :P
    Hi, I'm a signature.

  20. #20
    Action Jackson - King of the World
    Join Date
    January 18th, 2005
    Posts
    2,201
    yes I got it back. Thx to 7 days for making me aware that it was showing all my pages before as I took down the index page when the site was going to the credit card site. Now I just have to finish backing up my sites so I can do an OS Reload. Unfortunately my host said the box is rooted.

  21. #21
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Los Angeles
    Posts
    4,053
    Donuts, there was another site altogether showing up at Jack's URL - and I"ve heard it's happened to some other sites recently, by that same credit card site.

    No idea how they're doing it, it's some kind of DNS exploit maybe?

  22. #22
    SEO: A Specialty - Web Design: Slow or outsourced andbeyond's Avatar
    Join Date
    June 18th, 2006
    Location
    The Call is coming from Inside the House!
    Posts
    1,332
    Thats great. Man usually these things drag out and take weeks to fix.

  23. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Hijacked?
    By abantu in forum Suspicious Activity!
    Replies: 15
    Last Post: July 18th, 2005, 05:44 PM
  2. Google Hijacked?
    By Rick K. in forum Search Engine Optimization
    Replies: 7
    Last Post: May 27th, 2005, 01:30 PM
  3. Hijacked? Very Strange - Need Help
    By bob95603 in forum Midnight Cafe'
    Replies: 2
    Last Post: January 26th, 2005, 01:35 AM
  4. Link Hijacked
    By speda1 in forum Suspicious Activity!
    Replies: 1
    Last Post: December 3rd, 2003, 02:56 PM
  5. Please Help!!! My computer has been hijacked!!!
    By wtjpm in forum Suspicious Activity!
    Replies: 5
    Last Post: June 14th, 2002, 02:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •