
Host-Frog & hosted sites have been hacked

Posted by dakotamiva, 08-25-2006, 05:19 PM
http://hostfrog.com/ Seems like it was hacked by iSKORPiTX. My site was also hacked into. Any information on the hacker or anything from the higher-ups of Host-Frog?

Posted by layer0, 08-25-2006, 05:24 PM
http://hostfrog.com/powerhosting.php , etc. works. It seems to be a simple exploit to me...

Posted by WireNine, 08-25-2006, 05:49 PM
The kernel exploit where index.html is modified happened to quite a few web hosts.

Posted by Cirtex, 08-25-2006, 06:26 PM
Their live support is online, I'll go do them a favor and let them know their index page is offline.

Posted by layer0, 08-25-2006, 08:41 PM
http://support.hostfrog.com/ - they fixed the main site but the support page is still messed

Posted by dakotamiva, 08-26-2006, 02:06 AM
Well, seems like the hacker only defaced the index files, so it was no trouble with recovering any of my data. But I still cannot log into my cPanel and WHM accounts, and it seems like my e-mail isn't being sent to my Thunderbird client.

Posted by TRIBOLIS, 08-26-2006, 03:13 AM
Just checking hostfrog site, it seems all good now without "hacked by..."

Posted by dakotamiva, 08-26-2006, 03:22 AM
Yeah, it looks like they got their own site back in order. My site is back in order besides my cPanel, WHM and my e-mail addresses. Edit: http://support.hostfrog.com/ is still defaced.

Posted by dakotamiva, 08-28-2006, 07:43 AM
Well, now my entire cPanel has been taken down, and not one reply to my support tickets, and not a word on when things are going to be back in order. I think it's time to search for a new web host.

Posted by RobM, 08-28-2006, 08:57 AM
What does it say inside cPanel?

Posted by PremiumHost, 08-28-2006, 10:44 AM
I reckon something else is happening. Would it be an operating system reload?

Posted by HostiaWeb, 08-28-2006, 03:38 PM
http://forums.hostfrog.com/ is defaced too...

Posted by Energizer Bunny, 08-28-2006, 06:10 PM
Aah man, that's sad, wishing hostfrog good luck in fixing the problem. Someone must have something against hostfrog.

Posted by dakotamiva, 08-28-2006, 07:11 PM
Firefox can't establish a connection to the server at pointatrad.com:2082.

Posted by layer0, 08-28-2006, 09:26 PM
Find another host.

Posted by RobM, 08-28-2006, 11:35 PM
Did anybody's site index files change when it got hacked, like when you went to your site did it say something like you've been hacked?

Posted by dakotamiva, 08-29-2006, 02:53 AM
Just the index files and any files that allowed people to log into a web site were either deleted or defaced.

Posted by KPRS, 08-29-2006, 04:07 AM
This group is hacking anyone and everyone. I see this may be the reason behind this on fuse9 http://fuse9.net/. No idea how long it will be down, hope it's OK.

Posted by LoganNZ, 08-29-2006, 07:19 PM
Why? Why ditch a host that has just been innocently hacked? I find your comment very amusing. Why leave a business when they are already having major issues? Leaving a hacked host doesn't solve anything... I am sure Host-frog are onto it, but by the looks of the hack it could be major. They have secure backups so they should start restoring soon.

Posted by CD Burnt, 08-29-2006, 07:44 PM
Four days?

Posted by dakotamiva, 08-29-2006, 07:57 PM
I think my issue is that there has not been any contact by Host-Frog either here, on their main page letting us know what is going on, or through e-mail. I understand that they are dealing with their own issues of getting everything back together, but I have my own users to please, and with cPanel down and with my message forum having problems of its own, I am willing to look elsewhere and make sure my users are happy over waiting for who knows how long just to have everything back up to speed.

Posted by dakotamiva, 08-30-2006, 06:59 AM
Now my site and host-frog.com are completely down, once again, without notice. This is starting to piss me off.

Posted by jterrill, 08-30-2006, 01:42 PM
Anyone try contacting hostfrog? His Nextel is not in service either, no support, no emails. This is not the 1st time hostfrog's been hacked, it's the 2nd in 2 months, plus the month before that they had a network outage for a week and some change. Myself, I have moved to a new host. Hostfrog, if you read this, please cancel my membership, seeing that I cannot reach anyone.

Posted by RobM, 08-30-2006, 04:57 PM
Yep, that means the hacker was in the root area of the system. I can agree somewhat with you on this as any host can get hacked. But knowing a little bit about this hack and what damage it can do and cause, it should not take a host 4 days to fix. If they are renting servers I can see 24-36 hours downtime max, as some DC's are slow to do OS restores which have to be done before restoring. Now if your DC is slower than that, then you may want to look for a new DC. Now if a host is colo with a good DC it should not take more than 6-8 hours with good technicians as they have access to their servers. They could even have the OS and cPanel already installed on some emergency drives, which speeds up the process. If it's the second time in 2 months, that means their system is either using a weak password (possibly even the same as before) or has no hardening / security installed, which I am betting my money on. Now communication is key in this industry. When stuff like this happens they should have an emergency plan with a web site ready with a few clicks.

Posted by layer0, 08-30-2006, 05:00 PM
Innocently hacked? It's called upgrading your kernel.

Posted by dakotamiva, 08-30-2006, 06:25 PM
I did some research and I found that the HostFrog account here was banned for one reason or another. I think the only way around it is to contact your bank or credit card company and request a chargeback.

Posted by InvisionSrv, 08-31-2006, 11:28 AM
I had a dedicated server with Hostfrog for several months. When it went down for a month and was totally unreachable, I had no reply from tech support nor any phone number I called. I was also charged for the month I was down. I have since moved onto a new datacenter. I had no real problems with Hostfrog prior to being charged for a month my server was not online. I still keep in contact with a few of the Hostfrog people, for one reason or another. I tried to call Corey a couple months back to let him know about a few new exploits and how to patch them with no response from his cell phone. If you are dead-set on getting a new host, I would suggest http://SoftLayer.com for dedicated clients. If you have any questions about their service, feel free to contact me. If you have any security questions relating to exploits, I would be happy to answer those as well.

Posted by thewebhost, 11-16-2006, 04:08 AM
This is the hacker's IP: 85.98.229.72. How we know: we caught him in one of our servers. He deleted all the logs except the domlogs, where we found the info and a direct connection to his hack. He is from Turkey and unfortunately this is another server we are going to block the entire country of Turkey from. I have nothing against Turkish people, am sure they are good people, so maybe they can track this guy down and hang him.

Posted by peruviantalk, 11-19-2006, 06:21 PM
I strongly doubt that's the hacker's IP. Because this guy/team has defaced hundreds of websites.

Posted by RyanD, 11-19-2006, 11:57 PM
Did hostfrog get hit again? http://www.hostfrog.com/ I get javascript errors on their page and only the header loads?

Posted by IGobyTerry, 11-20-2006, 01:58 AM
I realize I'm 2 hours, 1 minute late, but it's loading for me.

Posted by RyanD, 11-20-2006, 02:05 AM
I get a javascript error on the main index page (IE 6.x) and it doesn't load....

Posted by Scott.Mc, 11-20-2006, 05:03 AM
Same here but it's not really anything to do with this old thread.

Posted by Swelly, 11-20-2006, 12:28 PM
Could you please be a bit more specific on the errors you are getting? We recently added a new javascript to the homepage and this could be the reason why it is giving out errors. Thanks for your cooperation.

Posted by Scott.Mc, 11-20-2006, 12:33 PM
Just look at the site in IE. You have 2 separate syntax errors so it cannot interpret it properly. Change your random image part to read this instead and it will work -Scott

Posted by Swelly, 11-20-2006, 12:38 PM
Thank you very much Scott, worked like a charm! Thank you WireSix for the post up to let us know.

Posted by Scott.Mc, 11-20-2006, 01:46 PM
Glad it works, site is fine now. -Scott

Posted by jerett, 11-20-2006, 01:57 PM
Works great here.


