digg

Facebook Connect Join Digg About

My website was hacked!

iivee.com I found my website was hacked just now. He left his email, too. What should I do?

Who dugg this? Made popular Jul 16, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

334 Comments

show profanity settings
expand all
  • Bonejob, on 10/11/2007, -1/+498Being an admin now for 10 years, the best advice I can give is to find out how it was hacked, fix the problem reload your site from backup and move on. Realistically if you try and track him down or send an abusive email to the address you are just feeding what the "script kiddy" wants, Attention. From past experience even if you find the guy, and press charges (IF he is in your own country) he will get a mischief charge at most, which means nothing. Don't feed the idiots ego, or give him a reason to make your life more hell by giving him reason to take it to the next level (DDOS, Domain Name hijack, etc...)
  • fluidfoundation, on 10/11/2007, -31/+445Do what I do.
    Masturbate.

    wait... what was you're problem again?
  • syphern, on 10/11/2007, -20/+256You should hack his girl!
  • maci01, on 10/11/2007, -4/+200I suggest changing the e-mail and image to say that somebody else hacked it, that way he'll get angry because he won't get credited.
  • Zap2, on 10/11/2007, -3/+157I think its pretty clear, this person lacks a "girl"
  • Dorkbot101, on 07/15/2009, -1/+144Looks like this guy has been busy... Check out the google search for his email address

    http://www.google.com/search?q=%22daeS%40linuxmail.org%22&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
  • underdog5004, on 10/11/2007, -4/+97Change the root and normal user passwords.
  • Henko, on 10/11/2007, -4/+92The image on your site is actually hosted on another hacked site, Up North Candle Company. I wonder if they even know?

    From http://upnorthcandlecompany.com/catalog/images/
    Hacked By daeS
    Turkish Defacer
    contact : daeS@linuxmail.org

    With some huge luck they can see an IP of who uploaded that pic (though it's most probably an anonymous proxy).
  • rlee0001, on 10/11/2007, -3/+78"What should I do?"

    Depends: Is that an accurate drawing of you tied up in the chair?
  • morphir, on 10/11/2007, -3/+61And you should check for rootkits. Check your logs, find out how he did it, maybe change ssh pswd and check what ports are open. Send him an e-mail, and ask him why he did this. And offer him a hug, he seem to need it.
  • slicedoranges, on 10/11/2007, -3/+60Why is every defacer Turkish? I'm not making a stereotype - it honestly seems that way all the time.
  • unangst, on 10/11/2007, -3/+46This is how we all learn to secure our servers. The hard way. People don't take security seriously until their machine is compromised. At least your site isn't full of Arabic that you don't understand... or worse...
  • keepinithamsta, on 10/11/2007, -6/+48daeS saying he owned people is like bragging about being the smartest person with down's syndrome.
  • dmcbride6, on 10/11/2007, -0/+41Not much you can do other than put your site back up and try and patch those holes.

    linuxmail.org is about as trackable as hotmail accounts...the perp is probably routing through other systems just to get the email.
  • EztliNahua, on 10/11/2007, -3/+43He's a Turkish hacker. Turkish hackers hate everyone outside of Turkey. Fix it and move on.
  • fistofblood, on 10/11/2007, -2/+40He's probably exploiting a well known security flaw in your software, as most script kiddies do. I would suggest you update your software.
  • crash128, on 10/11/2007, -4/+40A moose once bit my sister.

    I'm coming to the conclusion that all of iDigg is just paid marketing. Driving traffic to websites, to software releases, to small mobile devices. But then add insult to injury and you get comments that also seem to be written by marketing folks.

    Oh digg, I mourn for you.
  • ThankTheCheese, on 10/11/2007, -4/+39I don't want to be an *****, but aren't there forums out there that are designed to answer these kinds of queries? This is not what digg is for, mate.
  • montiff, on 10/11/2007, -0/+34My clans counter-strike website/forum also got hacked by a Turkish ***** one time.

    The funny thing was we were the [USSR] clan and the message he left was something like : "Liberating the world of Communist oppression".

    by ya good luck mate.
  • Dokument, on 10/11/2007, -3/+36lets all send him an email. he should have fun picking through those...
  • zazzybob, on 10/11/2007, -0/+33Use this image:

    http://alumni.indiana.edu/clubs/swind/swindpics/slides/thumbs_up%20for_IU.jpg

    "Hacked by Nancy Otte"
  • weeeezzll, on 10/11/2007, -2/+31Quick, unplug your modem before they hack your porn collection!!
  • Svoma15, on 10/11/2007, -9/+34Actually, he probably hacked his own site, now making $$$ for all this traffic he created. It's a new account too, little more than a month old.
  • AzMoo, on 10/11/2007, -0/+25PHP is not inherently insecure, it's plagued by hordes of bad coders who write insecure code and blame it on PHP for not fixing their mistakes. Granted, things like register_globals and magic_quotes haven't helped things but the use of these features is well-known as insecure and people should avoid them. Set up your server properly and write your code as secure as possible and you wont have an issue.
  • inactive, on 10/11/2007, -3/+25having this on digg should help...
  • TheShad0w, on 10/11/2007, -1/+22yea I agree with this though I would also throw in checking for rootkits or just do a complete restore.
  • t3soro, on 10/11/2007, -1/+22how would he make money without any advertisements?
    1. Get traffic
    2. ?????
    3. Profit!
  • fireinbergen, on 10/11/2007, -0/+21Send me your password, and I will help investigate this matter promptly.
  • str3ama, on 10/11/2007, -4/+24yea it could still be a fake, just because there was a site there earlier doesn't mean it's not some SEO attempt to get frontpaged. Take an unsuccessful site, creating something Viral (Virante's Web 2.0 Hosting scam) and get it frontpaged.
  • PRlME, on 10/11/2007, -0/+20Nice Plug for Linux dude
  • useless666, on 10/11/2007, -1/+21some hacker, used a "generator" (look at source) to make the page
  • schestowitz, on 10/11/2007, -4/+23Wait. Could this be fake?

    Oh wait... it's ain't...

    http://209.85.135.104/search?q=cache:http%3A//iivee.com/

    No clues here:

    http://toolbar.netcraft.com/site_report?url=http://iivee.com

    Make sure it's fully patched anyway (software, server, etc).
  • slicedoranges, on 10/11/2007, -0/+19What a great theory you have going there.
  • celerate, on 10/11/2007, -2/+20I'd get a disposable e-mail account, and ask him as anonymously as possible how he did it, then patch the hole. If he tells you then you can fix it, if he doesn't reply you don't lose anything, and if he writes back an offensive reply or signs you up for porn he doesn't have your real e-mail address.
  • naturalblue23, on 10/11/2007, -2/+17fat chicks need love too!
  • MrAndrews, on 10/11/2007, -2/+16In my experience, if you write and ask nicely how they did what they did, they'll point you in the right direction and be very civil about it. Just be sure to be calm and respectful, and it can turn out all right.
  • Lane, on 10/11/2007, -3/+17Contact the email sites admin with a link to the moronic image and see if they wont rat him out or at least remove his email address?
  • djh816, on 10/11/2007, -2/+16son of a bitch! turkish defacers killed my site too. it was on profusehost.net so maybe a security problem with them to get my password or something. oddly, they altered the mambo install rather than putting their own html file. all it did was cause php erros and make my site not xhtml compat anymore :P
  • inactive, on 10/11/2007, -0/+14Now you have two problems... A hacked site and a giant hosting bill.

    Woo.
  • funkytaco, on 10/11/2007, -5/+18He's a script child, it seems. You probably have an insecure PHP installed. Restore from backups, then secure your server.
  • Ricapar, on 10/11/2007, -3/+16You're probably on a shared hosting account, and you had your public_html directory chmodded as 777. Typical secuirty issue, easy to fix, yet so common on many many sites.
  • aliengoods, on 10/11/2007, -3/+15I don't get why you guys are admitting your site got hacked. That's like admitting you slept with a fat chick. It's one thing to do it, but you don't tell your friends. Just clean up and go home.
  • Pizzini3000, on 10/11/2007, -0/+12http://www.google.com/search?hl=en&q=daeS+hacked&btnG=Search
  • Sparkster185, on 10/11/2007, -5/+17Yeah, but they gotta pay.
  • Megaqwerty22, on 10/11/2007, -0/+11You are of course assuming this person actually has friends...
  • Nodren, on 10/11/2007, -0/+11the site you linked was coded in oscommerce, a notoriously horribly coded app, i've worked with it before, and can definately say there are quite a few security leaks in it.... wouldnt be surprised if it caused the problems for that site.
  • roguetrick, on 10/11/2007, -1/+11No I think he meant his mother left the back door open.
  • PARAPA, on 11/01/2007, -2/+12Amen dude, I have to agree with that. Obviously there will be exceptions to the rule but as a stereotype it's true
  • kyrre, on 10/11/2007, -1/+10I tracked down a script kiddie once. He was in the same country as me. When the police called him he confessed immediately. The whole ordeal ended with him settling with the company who was the victim of his vandalism. He had to paint the company headquarter. A quite large 3 story building. Had to bring his own paint too. His father used his vacation to help him out. I think he learned his lesson.

  • rnnbob, on 10/11/2007, -0/+9I have never heard of it till now. coincidence i think not!
  • Fetching more discussions...
    Show 51 - 100 of 335 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.