URGENT - Hacker

[Snowflake1000]

Hi,

I own a e107 website - hbgalaxy.com


and someone knows my admin password, so i changed it, but they can still get into it, make changes and they just said to me:

"I would backup your databases if i was you".

How do i prevent this from happening, can i contact my host?

 

[Storming]

Hello,
Update your software on the website to latest versions and disable all plugins so you can try and track down the vuln.

 

[brainst0rm]

First you need to make sure that its NOT you. Its highly possible that your computer is being hijacked. because if it was the host, few other sites would also have been facing that issue.

Visit some cyber cafe, or use some other computer and change the password. back up the database. Make sure that you don't use the same computer again before formatting it.

 

[snowmanrene]

While you're site is down, I won't make it known that all passwords have been leaked just yet. Wait till site is back up and then make an official announcement.

 

[cgworld]

yes format your pc and then change everything

 

[PBI NetWork]

no look old backup and look server files see if eny new file are add yea take some time but then you 100% after that im sure some were maby a new file add to enter youre server and get full control

 

[Lewis]

Backup. Format your PC. Change your password. I doubt its the software. You probably have a keylogger on your PC.

 

[so19]

I am assuming you are not keylogged..

Make a backup of your site, then delete all the files on the site and go and download a fresh e107 installation (latest version) and upload that and configure it to work with your website. Then your website will be safe, then you can slowly move your theme's and other files back making sure none of them are a shell.

also, go look up .htaccess (only allow your ip) and .htpasswd and use them for your admin panel so he cannot get into it.

Make sure all your directors are chmodded to 755 and files are 644, if any are 777 it is either a shell or he can still exploit it.

 

[Snowflake1000]

But i havent downloaded anything that would give me a keylogger.

And, scanning with spybot and avg now

 

[sloddl]

what hosting do u use? dedicated or shared?

if shared... talk to your server host... maybe some other acc was hacked and they have access to your site too.

 

[Pirate]

Oh... i really love these types of attacks... X-(

Format your PC, backup your site, change passwords, upgrade e107 on localhost.

+Use a password manager, like KeePass or other similar.

 

[DLow]

Contact your host

 

[automan]

My best suggestion.....

Check your email ID if it has email forwarding enabled.
Take complete backup.
Remove your database,damain, change passwords.
Reinstall everything

Try to analyze your pc for viruses.

 

[mahjong]

yeah, be aware. if it is a keylogger, you have to format your pc, and change every password of yours after it, beginning with your email addresses, because they still can get password reminders.

remember the steps:
first: format pc
second: change email passwords
third: change every other password
BE AWARE: SOMETIMES they can still login to your account with cookies after password change, so do not keep account info in your emails for a few weeks (depending on email providers, if you have gmail, change the account so only one ip can be logged in at a time)

I once had a keylogger, ever since i changed to ubuntu, not saving my main passwords and using a master password for the other smaller sites i'm using in firefox. In my case it was a win7 bug, the system was too new for me.

 

[toRRfriend]

mate change all passwords....and try to use long non guessing word with symbols and number(don't use dictionary word, bcoz they are in first check list of hackers bot)...so you may escape if they use brute force...