• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
My almost ci site hack

#11
(08-15-2017, 09:20 AM)skunkbad Wrote: A long time ago I had this happen. I wanted to blame all of the usual suspects, but in the end I found that it was my use of plain FTP, and the fact that another computer on my network was infected with many viruses / malware. I even changed my password to FTP, but that didn't help because that other computer was sniffing network traffic, and as soon as I used another password it would grab it.

OP never said if he/she was using plain FTP. What is it OP? Ideally use SFTP, FTPes, or anything besides plain FTP.

That i understand, but why my only ci website are hacked not others that i have made in other programming language.
Reply

#12
Good point about encrypted connections @skunkbad.

There is also a risk in using Filezilla (perhaps the most used ftp client?). The sitemanager of Filezilla stores all your FTP credentials in an xml file in plain text or in base_64 encoding. Malware exists that retrieves those login details and sends it to the attacker. Therefor, always ensure your operating system is up to date and have a virus scanner active.

I work one day a week from my home. I have setup a vlan in my home network just to isolate my workstation from all other devices in the network. You can never be to paranoid Wink
Reply

#13
(08-16-2017, 01:26 AM)Marku Wrote:
(08-15-2017, 09:20 AM)skunkbad Wrote: A long time ago I had this happen. I wanted to blame all of the usual suspects, but in the end I found that it was my use of plain FTP, and the fact that another computer on my network was infected with many viruses / malware. I even changed my password to FTP, but that didn't help because that other computer was sniffing network traffic, and as soon as I used another password it would grab it.

OP never said if he/she was using plain FTP. What is it OP? Ideally use SFTP, FTPes, or anything besides plain FTP.

That i understand, but why my only ci website are hacked not others that i have made in other programming language.

Programming languages or PHP frameworks? Maybe the virus maker not smart enough to deal with other programming languages? I don't know.
Reply

#14
(08-16-2017, 01:26 AM)Marku Wrote:
(08-15-2017, 09:20 AM)skunkbad Wrote: A long time ago I had this happen. I wanted to blame all of the usual suspects, but in the end I found that it was my use of plain FTP, and the fact that another computer on my network was infected with many viruses / malware. I even changed my password to FTP, but that didn't help because that other computer was sniffing network traffic, and as soon as I used another password it would grab it.

OP never said if he/she was using plain FTP. What is it OP? Ideally use SFTP, FTPes, or anything besides plain FTP.

That i understand, but why my only ci website are hacked not others that i have made in other programming language.

we need more infos. without infos we can not help.

changed the hacker some files or only the output of the site?
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.