Programming hacker genius.A couple days ago I was so happy¬† with the achievement of redesigning the look of my sign up bonus site. Now, only a couple days later, I know what it’s like to be hacked. It’s like being raped, almost all the files on my ftp server were compromised. This is 3 sites total including the one you’re on right now. Looking at my websites now just doesn’t feel the same.

What happened? A genius programming hacker figured out the password to my ftp server because the one I had wasn’t strong enough. After that, a script was run on the main directory of my server that found any javascript, xml, and php file where the script could input a line of php code at the top of each file. On my server we’re talking hundreds of files getting changed against my will.Luckily in my case only the php code was compromised for whatever reason I do not know. This also jacked up my site because certain areas wouldn’t work properly on top of the spam ads.

What did the php code do? It made pop ups come up on pretty much every page of my site to visitors all over the world. Pop ups aren’t usually a bad thing, but these were labeled attack sites with malicious malware that could potentially spread viruses to many individual computers or steal information.

How did I fix it? First thing I did was updated my poorly thought out password and made it very random with numbers, special characters, upper and lower case letters, etc.. Thanks to the hosting Company I have, GoDaddy, they automatically make back ups of previous day’s file structures. All I had to to was go back one day before the incident and restore the non corrupted files in each main directory. This worked like magic, but was still time consuming taking about half a day to complete. Doing the restore this way also ensured I didn’t miss any hidden files in sub directories.

I also checked to make sure there weren’t any extra files after the individual directory restores. Then I double checked to make sure there were no other users on my server.

What did I learn in this whole crappy experience? Passwords are pretty damn important. Make sure to properly strengthen all your passwords because they could be compromised otherwise. Also, if you use 3rd party open source code, which I do, make sure it is updated to its latest version. This wasn’t a problem for me, but it could be for someone else.


Tags: , , , , , , , , , ,


One Comment to “My ftp webserver got hacked with a malicious malware script and how to fix and prevent it”

  1. Desi Tv Tube says:

    Very Good Post Thankx For Sharing

    [Reply]

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>