|
Since I look at my LL domains the most, I thought the hack was just limited to those domains. Unfortunately, it unfolded today when I got a message from a person who purchased some templates that I sell on a non-adult site who couldn't download his purchase, and I went to check out what as wrong and I got hit with trojans and viri, I realized my problem was MUCH bigger.
Phatservers, God BLESS THEM! ran a check for all files written or modified on the date of the hack, and this is after already deleing, oh 1,000 files off my server, we found about that many more.
They apparently uploaded a program in tar file, untarred it, then got to work dropping 3 or 4 files in almost every subfolder in about 50% of the domains on my box. They also defaced some pages, saying this was hacked by a balenese crew (something like that) and on the pages they defaced, they had auto downloaders for the trojans and viruses.
As far as the link list, they altered the link.html file so that they added a link to a w@rez board on EVERY site I was linking to on both redcherry and porntastic, so like 10k links on each, altered my header and footer files too and added a few more nasty links just for the fucking hell of it.
Fortunately, we found this within hours of the hack, and got those right off. We just didn't realize how much more extensive they were in trashing the server until today.
I should have dropped a note today when I realized there was the possibility of peeps hitting a page with trojans on it, but frankly, I was so damn busy trying to check every folder and delete files, I didn't think about it.
|