Portal Home > Knowledgebase > Articles Database > i was hacked
Posted by h0mayun, 03-18-2011, 04:53 PM hi im so noob in this forum and want some information ,i hope you can help my site yesterday was hacked with some guys that i know theme i just wanna describe how i was hacked and hear your advice yesterday received some emails with title like :[MaxBulk Mailer Delivery Report #24] [Info] Account Setting For My Domain 17 March 2011 and content like after that i received an email from my host provider about my acount details after that again emails like what i wrote above and after that an email from host that says you changed your password and ... i was sleeping and i did not see that emails and they earned my Cpanel pass and deleted all of my data as soon as was possible i called to host and fortunately they had backup and everything is now ok i want to know how did they do that.are they made a fake email address like mine or they found my email address pass? and when i look at last visitors in cpanel i see that made a fake IP Address like mine or some users from my site and i have too many records from these IP in minuet ,what do i have to do please advice me tnx
Posted by HSN-Saman, 03-18-2011, 05:56 PM Hi, Contact your host and ask them about the reason of this matter.
Posted by h0mayun, 03-18-2011, 06:05 PM i already did and they sayed that they got my gmail password,but i dont think so and about any suggestion?
Posted by HSN-Saman, 03-18-2011, 06:07 PM are you sure about your own computer? check last logined ip to your gmail account.
Posted by h0mayun, 03-18-2011, 06:08 PM tnx how can i do that?
Posted by HSN-Saman, 03-18-2011, 06:13 PM Gmail -> bottom of the page Last account activity: x minutes ago on this computer. Details click on details, then you can see last logins
Posted by h0mayun, 03-18-2011, 06:16 PM thank you so much i saw that and there was only my IP address for 3 days ago so i was right about that they made fake email address or i don't know maybe function php send mail
Posted by HSN-Saman, 03-18-2011, 06:17 PM if it was fakemail... you should inform your hosting provider.. it was their problem.
Posted by h0mayun, 03-18-2011, 06:19 PM they said that it was a spam and i shouldn't open it but im sure it sent to my inbox and even i dont remember id i opened that
Posted by HSN-Saman, 03-18-2011, 06:21 PM maybe... what is your browser? do you use any internet security software like kaspersky?
Posted by h0mayun, 03-18-2011, 06:23 PM i use opera last version and i did set up for pop mail through opera and some times i use firefox in my laptop installed avast
Posted by HSN-Saman, 03-18-2011, 06:26 PM Please put that email header here... then we can analysis that (go to gmail - open that email - click on small arrow which shows down turn and click on show orginal)
Posted by h0mayun, 03-18-2011, 06:28 PM here it is
Posted by HSN-Saman, 03-18-2011, 06:33 PM can you find your hosting provider name there? check the content of that email... if contain any malicious code or so on.. is there any url on that email?(malicious) if not I would say your hosting provider security is low if you're sure about your own computer security(check for keyloggers).
Posted by h0mayun, 03-18-2011, 06:39 PM no i can't find host url but there is a url http://homecat.alter.org.ua/ its wierd
Posted by tech3tech, 03-19-2011, 03:51 AM amazing. too many smart guys theses days
Posted by h0mayun, 03-19-2011, 08:54 AM its not amazing its awful they better use their smartness for useful stuff
Add to Favourites 
Print this Article
