Hackers Serang Webhosting Providers

[galadriel]

Tweet

A'kum...

Saya telah dapat tahu dari forum luar negara bahawa terdapat hackers yang telah hack ke beberapa Webhosting Provider, latest yang kena ialah:

hostingfree4lifeDOTcom
(saya tak nak link hosting provider tu ke forum kita ni, takut kena tempias)... :shock:

dan juga:

- forum webhostingtalk
FatNetwork:
Today we were attacked by the Arslan group as well. It started off by them replacing every index.php file on the server with one that included their defacement message. My colleague and I overwrote those index.php files from a recent backup we had and it fixed the problem.

10 Minutes later the defacements came back and I noticed while refreshing the FTP window I had open the MODIFIED time for the index.php and index2.php files were changing even though I was not uploading anything. So it appears to me that perhaps these guys were running a script that was connected to a cronjob?

Later in the day it appears as though they hit every PHP file on the entire server we are on. This not only included index.php files but every php file on the server had this defacement message. I don't understand how one script such as phpbb or and other script like that would allow someone near root level access on a linux machine coupled with firewalls and what not.

The company we go through is an established business with a few years of experience. They were surprised and confused just as much as we were wondering how this could of happened. The server is at the data center right now under further investigation. All MYSQL data seems to be in tact and untouched which is a good thing.

Has anyone else been attacked by ARsLan and does anyone have a clue as to what may have cuased this or how this could of happened?

I will never understand the motivation behind doing things such as this. It causes nothing but anger and grief.

Hackers yang buat tu menggelar diri mereka kumpulan Arslan,
dan mengaku sebagai orang islam!
(maybe saja nak guna nama islam supaya nampak gempak le)

Ada beberapa websites yang dibawah host provider tersebut sudah kena hack - username, password semua kena access dan website mereka kena 'defaced'.

Kenapalah jadi macam ni?!
Betul2 memburukkan nama islam...

Sekarang kat forum luar negara benda ni topik hangat...

[fai]

Buruk betul prangai mereka tu..

:cry:

[takatoo]

Jangan kata webhosting provider,Microsoft dan Nasa pun kena serang.
Musim2 perang ni kat internet pun diorg angkat senjata. :?

Nasa Hacked

Kita jangan jadi mangsa keadaan cukupla..[/url]

[galadriel]

huhu...

kalo nasa yang ada sistem canggih-manggih tu pun boleh kena hack... apatah lagi orang kecik macam kita ye... :shock:

Buat masa ni memang susah nak lawan hackers ni. But biasanya mereka target website yang high profile, macam website kerajaan, website bisnes yang glamer, news website... but adakalanya website / blog orang biasa pun kena hack juga sebab kebetulan 'hack' yang mereka install tu memang khas untuk 'ganggu' dan kasi malapetaka kat platform tertentu seperti wordpress, blogger,
sometimes pada browser - seperti FireFox, IE or pada apa-apa yang berkaitan dgn Microsoft (Outlook, etc)...
pada phpbb forum, dan seperti yang kat atas tu, pada hosting provider...

kalo fikir.... memang serabut kepala ...

[galadriel]

testing....

[aku]

uik.?? :shock: tengah test code ke? aa.. jangan main inject2 tau.. tak baik.. :lol:

[ajibtu]

sql injection , php injection ...

web aku pun pernah ada hacker cuba2 nak masuk ...

slamat aku perasan... banyak plak tuh...

dia sempat upload file script.... tapi tu aku tak iktiraf sebagai hacker la.. sebab directory tu aku mmg set open untuk upload ...

dia boleh scan lubang2 yg open...

hati2

[rontol]

Berdasarkan ape yang aku bace la....tiada cara nk elak serangan crackers ni
wujud langkah2 pencegahan...tapi selagi si crackers2 ni jumpe lubang untuk di exploit....selagi itu la tidak selamat...

n00b2 je yg main dengan injection ni...sekali kite lupe...zasss* merane la jawapnye....

salah satu penyelesain alternatif yg aku bace kt forum luar negare...web hosting provider ni block negare2 'kritikal'....maknenye derang xbagi user2 dari negare kaki brute force ni jd user derang.....russia...vietnam....(Malaysia pn ade woii)

[reezluv]

huhuu..aku de baca iklan kat majalah PC pasal Uitm nak wat hack competition kan?ke nak create satu sistem yang bleh banteras hackers ni??

tapi aku rasa sure de hackers dari malaysia ni..member aku ade gak la hackers kecil2 lan n besar2 besaran tu tak berani depa nak wat.kang xpasal2 je..takat yang aku tau la..yang aku taktau...tahla...

[code7]

saje diorang xde keje lain nak wat selain meng'inject' sql utk wat index defacement.. sbb tu kalo ada folder atau directory bubuh index.htm bagi ia tak dapat dibaca lubang2 tuh... pastu kalo yg guna free php scripts pepandailah patch update kalo ada.. jgn tunggu lelama nanti diterjah hackers..

pastu kalo pilih webhosting luarnegara berhati-hatilah sket, kenkadang diorang simpan file malware script dalam server tu anytime je server leh down... bukan ape member aku penah kene sbb byk sgt org pelik2 simpan virus/malware script dalam webhosting diorang sehingga org lain kene tempias..

p/s: sistem yg manusia buat tak pernah perfect.... ada je lubangnyer...