**Oscar Controls Site Hijacked...**

[oldskoolcade]

edit:

My apologies for the title... it angers me when good people get dumped on by a bunch a lame a## wannabe  hackers....  Title has been changed to maintain thread...




So I'm in need of a usb interface connector for my trackball, and I go to order one from Oscar this morning, and it appears as if he's the latest arcade site to get hijacked...

Murphy's law I tells ya....


I wish these lame a## kids would figure out that kissing a girl can be just as much if not more fun than being a second rate hacker-wannabe...

[cholin]

I think theyre lucky that hackers didnt screw up their whole server.  If I got my site hacked, and I was them, the first thing I would do is hire a professional coder to keep it secured.  This way, especailly if you find a coder from these boards, you can simply pay the person off with merchandise instead of a paycheck

[Stingray]

Moron kids with too much time on their hands.

-S

[brandon]

is it the guys who did www.klov.com?  The "Terrorist are people and have feelings too"  camp?

[Goz]

At least they were nice enough to leave contact info:


Contact: core@backstreet-boys.com

[cholin]

Well thats not necessarily being nice, being nice would be contacting the owners and offerring their services for maybe a small link of somethin.....

[OSCAR]

Grrrr....

Well, I've been in contact with my hosting service and they have assured me no damage was done other than they just defaced my index.html files.  All the data, images, shopping carts, etc are still operational.

The order page is up and working fine:  http://www.oscarcontrols.com/order.htm

But since I'm at work right now, I won't get a chance to re-upload the index files until I get home this evening.

[cholin]

Well if they defaced your index.html file, I would advise against orderring   Thats kinda the first sign...

[OSCAR]

Well if they defaced your index.html file, I would advise against orderring   Thats kinda the first sign...

Orders are not processed on my site.  The check out pages are on either Authorize.net or PayPal's SSL payment servers.

[MonitorGuru]

The homepage is up, but unfortunately the /chassis folder is still hacked. (The one with all the comparisons of the tubes and chassis I did and you so gracefully provided hosting space for)

[OSCAR]

According to what I've been told, they were on the site just long enough to run a script that replaced any files that were named index.*

The weren't looking for pages like index_spinner.htm, and all the other pages & data.

[Wyluli]

Grrr, I wish there were a way we could catch these guys and send a virus to there computer that would wipe it out.  Stupid punks. 

[SirPoonga]

You want to change the title of the thread to something more meaningful and compliant with the rules

[Stingray]

Grrr, I wish there were a way we could catch these guys and send a virus to there computer that would wipe it out.  Stupid punks. 

Actually I think a bonding session between the guy's testicles and a cattle prod would be more in order.

-S

[cholin]

Gotta love skript kiddies eh If they ran a script, you'll more than likely have their ip address which can be mapped with an ip dictionary/atlas, then find their ISP and tada

[ften]

You could always see if they are on the below and discuss their hacking of your site. They are Brazilian hackers I believe.

irc.gigachat.net #core-project

*Edit
oh and
irc.brasnet.org. #Crookies

-FTen

[SirPoonga]

In the last month almost every forum I visit has been hacked in this manner.

[OSCAR]

Okay, I got the main site back up and running (had to talk my wife through it during lunch... ).  I will get the rest of the tutorial & project pages up this evening.



FYI - below is what I received from Speedhost regarding the problem, it appears to be corrected now:


 -----Original Message-----
From:    "SpeedHost.Com"
To:      "'Oscar Controls'"
Subject: RE: Website hacked
Date:    14 Mar 2005 18:24:58 -0000

It wasn't a security hole on your site, it was a script on some other customer's site. I'm not entirely sure which script but that site is gone entirely off the server.

JoseQ


> -----Original Message-----
> From: Oscar Controls
> Sent: Monday, March 14, 2005 11:45 AM
> To: SpeedHost.Com
> Subject: RE: Website hacked
>
> Jose,
>
> Do you know what security hole they exploited to get in?
>
> As you can understand, I could have some customers
> nervous about placing an order though the site.  If you can
> give me any info that I can pass along, that would help a lot.
>
> Thanks,
>
>
> Kelsey