Jump to content

[Solved] Johnny Hacked

jonathan Kokott

By jonathan Kokott
in Escalated Requests

 Share

Recommended Posts

jje Newbie

jje

Posted
Posted

Your welcome. :)

 

We're not actually sure how Johnny was hacked. However, we have put up extra security on both Johnny or Stevie so the problem shouldn't happen again.

 

I have just found something strange in cPanel that could have easily created a big security hole, which the hackers could have used to get into Johnny. I have brought it up with the staff.

  • Replies 140
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Deathmax Newbie

Deathmax

Posted
Posted
Should be up now. The hackers seem to have replaced random files with their HTML page, so I'm not sure but that might have happened to you guys too. If it did... sorry, but we have no backups.

It seems to have replaced any file with the word index in it.

 

Also, parts of cPanel is still not back up yet

jje Newbie

jje

Posted
Posted

Yes - we are aware of this and are waiting on djbob.

 

We apologize for any inconvenience.

Ashoat Explorer

Ashoat

Posted
Posted

Okay guys, try now. Let me know if there are any other pages returning the hacked HTML.

NetFreak Newbie

NetFreak

Posted
Posted

@jje, you were talking about a security hole. Hope you'll be able to fix everything. After detecting all problems and fixing them all, please let us know the good news :)

Seslak Newbie

Seslak

Posted
Posted

Softaculous needs to be fixed. I've removed entire added domain and it's folder and then added it back again. That fixed the problem on the index page (surprise, surprise :) ). cpanel already worked when i logged in so softaculous is the only thing still not working. I would be very happy if my entire account could be reinitialized since i had the account for a few days only so no data was lost 'cause i planned to upload the site these days. Anyway, hope you fix this, this is still the best hosting solution.

 

Peace.

 

-S

wenmi01 Newbie

wenmi01

Posted
Posted

site url: wenmi01.heliohost.org this was hosted on johnny.heliohost.org

 

I can't put anything even index.html, I deleted the www files and folders but still this shows up..

 

Can anyone fix this up?

 

B.l.a.c.k H.a.t G.r.o.u.p

 

 

Hacked By #BHG

Member Team : [Net.Edit0r & DarkCoder & fr0nk & Amir-Magic & H3X & Milad.C0nn3ct0r& D3adly ]

 

Yah0o.Id : ./Net.Edit0r@Att.Net , DarkCoder@Att.Net , Fr0nk@Rogers.Com , Sg_00700@Yahoo.Com , G0dr0ot3r@Yahoo.Com -

 

[ ./Iranian HackerZ #Persian Gulf ]

NetFreak Newbie

NetFreak

Posted
Posted

Hi, is there any chance that the hacker could download all files from the Jonny server to his local hard drive?

 

site url: wenmi01.heliohost.org this was hosted on johnny.heliohost.org

 

I can't put anything even index.html, I deleted the www files and folders but still this shows up..

 

Can anyone fix this up?

 

B.l.a.c.k H.a.t G.r.o.u.p

 

 

Hacked By #BHG

Member Team : [Net.Edit0r & DarkCoder & fr0nk & Amir-Magic & H3X & Milad.C0nn3ct0r& D3adly ]

 

Yah0o.Id : ./Net.Edit0r@Att.Net , DarkCoder@Att.Net , Fr0nk@Rogers.Com , Sg_00700@Yahoo.Com , G0dr0ot3r@Yahoo.Com -

 

[ ./Iranian HackerZ #Persian Gulf ]

 

You didn't need to delete all files from your account. You had to just replace that index file with your own index file. I've checked everything in cPanel. Except Webmail, subdomain and softaculous, Djbob has fixed everything.

 

I think as you are using a subdomain of heliohost, that's why you are facing this problem. Just wait. I hope djbob will fix this issue soon :)

jje Newbie

jje

Posted
Posted

@wenmi01 - Try deleting index.htm from 'public_html' instead of 'www'.

 

Also, when you access the cPanel File Manager, you are usually asked which directory you wish to navigate to. Just below that question, could you tick the checkbox that says 'Show hidden files (dot files)'.

 

Then, in the file manager, could you go to 'public_html' and delete .htaccess if you see it.

 

Something else you could try is clearing your cache.

 

@Seslak - Even if you created a new account, these problems would still occur. This problem is occuring site-wide, on every website, old and new.

 

@NetFreak - There is a chance... if the hacker had a very large hard drive with around 10,000GB on...

 

@everyone - Yup, we're just waiting for djbob to fix the remainder of the damage caused by the hacker.

Guest Geoff

Guest Geoff

Posted
Posted
Hi, is there any chance that the hacker could download all files from the Jonny server to his local hard drive?

 

Technically, it's possible, but keep in mind:

 

- Johnny is a server with a huge hard drive (>1tb)

- Hacker has a hard drive of maybe 300gb

- Hacker has probably used 1/2 of that space already.

- Downloading 1tb would take days on the fastest home connection

 

So, really, it's not practical.

 

Another problem to fix: http://johnny.heliohost.org/

 

Change that page to the cPanel WHM was installed...

Seslak Newbie

Seslak

Posted
Posted

even if he downloaded it I had no important files and all my passwords are unique from account to account for everything so... he won't have anything from me, i'm peaceful...

 

anyway, looks like there was another attack... cpanel died. Says:

 

A3q was here ... A3q [ at ] att [ . ] net

Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...