Hacked

Talk about musical instrument construction, setup and repair.

Moderators: kiwigeo, Jeremy D

Post Reply
User avatar
peter.coombe
Blackwood
Posts: 615
Joined: Fri Oct 15, 2010 2:52 pm
Location: Bega, NSW
Contact:

Hacked

Post by peter.coombe » Sat Nov 02, 2019 4:21 pm

I discovered some weird files on my web site today and deleted them, and then changed all passwords. Just a few minutes after deleting them I got an email from the host provider saying my site had been hacked with a phishing file (now deleted) and my account had been suspended. Now I can't do anything, can't log in, can't ftp, just have to wait for them to restore access so I can find out what the heck has been going on and fix it. GGGGRRRR. They are not fast responding to support. In the meantime 2 web sites are now cactus, even though the threat has been removed. Last time I was hacked was a time consuming major pain, so I guess this is likely to be the same or worse since the technology has moved on a bit from then. Twice in 20 years I guess is not too bad, but I hate these thieving scumbags with a passion.
Peter Coombe - mandolin, mandola and guitar maker
http://www.petercoombe.com

User avatar
Mark McLean
Blackwood
Posts: 770
Joined: Thu Apr 10, 2008 2:03 pm
Location: Sydney

Re: Hacked

Post by Mark McLean » Sat Nov 02, 2019 7:17 pm

Peter,I am sorry for your pain and inconvenience.
This seems to be a major scourge of the web economy. I don’t make my living this way but I can see what a huge PITA it must be to deal with this - from individuals who are basically just vandals or extortionists. They should be the first against the wall come the revolution.

simonm
Blackwood
Posts: 155
Joined: Mon Sep 07, 2009 7:09 am

Re: Hacked

Post by simonm » Sat Nov 02, 2019 10:09 pm

My old website (devoid of content at the time) was banned by my service provider which meant that I had to move my email address to a 3rd party provider. The reason? Someone was attacking my empty site for a denial of service attack on some other site on the shared server it was hosted on. Attacking my site crippled the server which killed all the other sites on the same server - I assume one of them was being blackmailed. Easiest solution for provider was remove my site.

Back in the old days I remember finding a very basic scam site (for harvesting bank passwords) which was hosted on the town council website of a small Portuguese town. I let them know.

Good luck with getting your site back up and running.

User avatar
TallDad71
Blackwood
Posts: 100
Joined: Thu Jan 19, 2017 6:20 am
Contact:

Re: Hacked

Post by TallDad71 » Mon Nov 04, 2019 10:45 pm

There are literally thousands of websites that run on the same name servers as yours Peter, ns-1.ezyreg.com.

https://securitytrails.com/list/ns/ns-1.ezyreg.com

I guess they have locked yours down to protect the integrity of the other websites that sit on the same hard drives whilst they investigate the causes of the security breach. I have no advice on how to speed Netregistry up, but hopefully you'll see that whilst they are dumping on you, they are trying to protect their customers from potential harm.

Best of luck.
Alan

User avatar
peter.coombe
Blackwood
Posts: 615
Joined: Fri Oct 15, 2010 2:52 pm
Location: Bega, NSW
Contact:

Re: Hacked

Post by peter.coombe » Tue Nov 05, 2019 9:29 am

I don't have any beef about the sledge hammer approach. As you say, they are protecting their other users. My beef is that they advertise a 24hr support turnaround, but in practice that is some sort of a joke. Netregistry is now owned by MelbourneIT and they outsourced their call centres overseas. In the case of Netregistry it is in the Phillipines, and I have difficulty understanding some of their support people. MelbourneIT sounds like it is probably India. When MelbourneIT was smaller, I could call or email them and get an answer almost straight away from someone based in Australia, and the problem was fixed pronto. Last problem I had I waited for an hour mostly on hold, and in the end the problem is still there. I need to re-visit that problem later. They got too big for their boots. Their transfer of web customers from UberGlobal was an utter shambles. Many web sites down (mine was one of them, down for nearly 2 weeks), help desk in meltdown. The upside is their infrastructure seems to be very good. My web site was much faster and has been zero down time (after the shambles) until now. My other host providers always had random unscheduled down times.
Peter Coombe - mandolin, mandola and guitar maker
http://www.petercoombe.com

User avatar
peter.coombe
Blackwood
Posts: 615
Joined: Fri Oct 15, 2010 2:52 pm
Location: Bega, NSW
Contact:

Re: Hacked

Post by peter.coombe » Thu Nov 07, 2019 10:53 am

Progress. I have access back and a maintenance page is up. Now the real work starts. I been trawling through the logs and is interesting to see the hacking probes and what they are looking for, but is a needle in a haystack to pick up the actual exploit.
Peter Coombe - mandolin, mandola and guitar maker
http://www.petercoombe.com

Post Reply

Who is online

Users browsing this forum: No registered users and 26 guests