• From: Madeira, Portugal
  • Registered: 2008-12-23
  • Posts: 73

Topic: Hacked again

A few weeks ago I posted about a website being hacked into, script injection on the index page. Google wouldn't allow you to look at the site and I couldn't view the index page with cuteftp, access was denied.

Eventually the host, which is secondardy hosting in Portugal but really Fast Hosts in UK, supplied new passwords. You can't change the passwords or username yourself. They suggested the site had been the victim of script injection and interestingly enough there is a page on their website about the subject.

This morning a friend messaged me to say that one of the sites had malware on it again, I wasn't refused access and could view the script, which is on  Before Google had denied access and AVG had flagged. Every page on two websites with the same host have had a script put on. The script starts kc and are just a bunch of numbers with kjpove function.

This has to be a hosting problem surely, for it to happen twice.

I've said they've got to change the hosting and probably the web address, trying to switch it over would be a nightmare with their hosts who take ages to answer emails.

  • From: Florida
  • Registered: 2008-12-19
  • Posts: 2,593

Re: Hacked again

I've said they've got to change the hosting and probably the web address, trying to switch it over would be a nightmare with their hosts who take ages to answer emails.

Is the domain under your name (or the client's) or does the host own it? If you or the client own it and you are having a hard time getting the host to release the domain, you can contact Internic with your complaint. Be sure to read the ICANN domain dispute policy here.

You could provide a professionally written letter or email in regards to this issue stating that you will be filing a complaint for not complying to your request to release the domain. Even if the domain is owned by the host, you can still prove that domain is actively used by you or the client and that the host is merely hosting the site and nothing more.

And your right, find you reputable host. If you are looking for something around the European area, I know of a good host that I do a lot of business with which has servers in the UK and US.

  • From: Madeira, Portugal
  • Registered: 2008-12-23
  • Posts: 73

Re: Hacked again

I have checked the who is, and the domains are registered under the client names. Both websites will be down now until something is sorted as neither I nor the client can change the passwords, which is something I find very strange. Last time it took over a week before new passwords were issued, they just ignored the emails from the client. I can't email the hosts as my Portuguese is not very good.

I've been using hostpapa myself for a couple of years, bit more down time than I would like sometimes, but they are quick to answer any emails when there is a problem. Canada/US and UK based, but it doesn't really matter these days. I like them because you have more than one domain on the hosting and the two sites that have been hacked could also share hosting, neither are big sites.

Although I didn't charge for the building of these sites, they are friends, I can't help feeling somehow it reflects on me that this has happened again. I've checked the other sites that I run and they are all clean. Is it something I could have prevented or does the host have a glaring hole in their security or an aggrieved employee who has access to the passwords.