Hacked by Macedonia?!

[yoyoyoyo]

One of the forums that I admin for was hit today by a very odd thing. See the attached image. I edited out a naughty word for the kiddies in the audience. It was no real harm done, but I was just wondering if anyone has encountered anything along these lines, or if anyone has heard of this group, etc.. What is very odd is that the forum is really not even live yet, and only about 10 people even know about it, and I am the only one with admin or even mod access (I changed the passwords after I was hacked of course). The forum is heavily modded, and I was just wondering if anyone has seen anything like this due to a mod from here?

[Brad]

Most likely a server crack, anything else on the domain other then the forum?

[Biker_GA]

I doubt it was a vb issue. More likely the server itself was insecure, and that's how they were able to gain access to the forum.

[Corriewf]

You could always ask the people at the chat.......

[yoyoyoyo]

Quote:

Originally Posted by Brad

Most likely a server crack, anything else on the domain other then the forum?

not really, but it is a shared server, and I have other sites on the same server but they were not hit. My guess was a server issue also, but just wondered if anyone had seen this particular "hack" before. I read all of the hacks pretty thoroughly, and I know the moderators at vb.org wouldn't allow any malicious code, but am pretty confused as to why we were hit, so I thought I would ask for input.

[Boofo]

I see they've changed their image since they nailed me about a year or so ago. That happened to my site but it was done by someone who was disgruntled with one of the other accounts on the server. They mailed a bunch of us to try and throw it off to something else. All they basically did was replace my logo with one like you have there. Easy to fix but scared the bee-jeebers out of me because I wasn't expecting anything like that to ever happen to my small unimportant site.

[ToraTora!]

Quote:

Originally Posted by yoyoyoyo

not really, but it is a shared server, and I have other sites on the same server but they were not hit. My guess was a server issue also, but just wondered if anyone had seen this particular "hack" before. I read all of the hacks pretty thoroughly, and I know the moderators at vb.org wouldn't allow any malicious code, but am pretty confused as to why we were hit, so I thought I would ask for input.

If you are on a shared server, you are at the risk of anybody else within that chain.
Before moving to realwebhost.net, we used a web server that had roughly 19 other sites on it. We were actually able to FTP to everyone of those stes and read their files as well as Telenet.

After informing the server admin that we were able to do so, and wanted them to secure our site down as well as everybody else's better without having to go dedicated, they said that there was no way that we could do those various tasks.

So, the owner of that server laid a challenge down to us. "Try to get in this one site and I will believe you" type of deal.

After we were done with the site, he believed us and we moved to our current server which is basically bulletproof.

In most cases of this type of hacking, you have plenty of shady companies out there that offer low cost server options that throw you in the mix of numerous others who know nothing of a server admin panel nor options (if available) to shutting off SSH, Telenet or even FTP and all it takes is just one curious person to go up a level in their FTP manager to see what is all going on within that disk.