SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member
    Join Date
    Jan 2006
    0 Post(s)
    0 Thread(s)

    Exclamation hacked by GHoST61

    Hi guys,
    Today 4 of my sites were hacked.
    this guy just changed my index file with this mesage
    Hacked by GHoST61

    i did restored file and chmod 755.
    How could he do this?
    What did i do wrong?

    i really need more information to avoid this to happen again

  2. #2
    SitePoint Enthusiast
    Join Date
    May 2010
    0 Post(s)
    0 Thread(s)
    GHoST61 works in many, many ways. One of his/her methods is looking for folder permissions of 777. Sometimes software installations have you set the folder permissions to 777 in order to get their software to install. What many people fail to do is to set the folder permissions back to 755.

    What software do you have installed on your website? Joomla, Wordpress, osCommerce, ZenCart?

    These have all been under constant attack so be certain that you're running the most version of any of these as well as updated plugins for these.

    Beyond that, change all FTP passwords and run a full system virus scan on all computers, yes Macs too! Sometimes websites are compromised due to stolen FTP credentials. This information is stolen by a virus on a computer that's been used to FTP files to the compromised website.

    Please post back with any questions, comments or updates.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts