1

How do I figure out how the "Pharma Hack" hackers are gaining access to my site?

view story
linux-howto

http://serverfault.com – One of my sites has been the continuous target of the "Pharma Hack" - but it's using Drupal instead of Wordpress or Joomla. It is version 6, but it's updated to the latest version, and so are all of the modules that I have installed. I've changed passwords, deleted offending files, completely redone the installation of the site, but somehow they continue to gain access.. This site is a non-profit organization and it's seriously impacting our search results on Google, etc.. (HowTos)

dayu's picture
Submitted by dayu on 12/11/2011

Stories similar to How do I figure out how the "Pharma Hack" hackers are gaining access to my site?

I'm going crazy right now and I don't know what to do.

I've did a Google search about those hackers where they using .htaccess to redirect my site to their site to gain traffic, and now I'm getting this problem since yesterday and I don't know what I should do....

I've also did a search and found some people having the same problem and the suggestion was to do a clean install for my site and I h

Emerging just a week after the high-profile Gawker Media hack, and proving it is still very fleet-footed indeed, Google search results now warn you if a website has been hacked. The notification (see screenshot above) looks just like the malware warning.

Unlike the malware warning, however, you do not get shown the ominous 'visiting this site may harm your computer!' interstitial page.

Sir,

We are running updated version of cpanel/whm. I have a question, How hacker can hack whole server by hacking single joomla website (old version)?

I undersatnd he can hack CMS, so he should access only to this account files. So how he got whole server access? all other website access?

Your reply will be appreciated. Thanks

Regards, Simon

Hack Your Own Site 2 years 52 weeks ago

What's the best way to protect your site from hacking? To actually try it out, and hack your own site! It can be a great learning experience to test out some common exploits on your site, and fix all your vulnerabilities.

A friend is experiencing a random redirect to an RU domain for two of her websites, along with a malicious cookie attack, as per a Norton pop-up everytime I load a page on her site.

I checked out her WordPress installation and I saw a suspicious plugin which I deleted, and I also cleaned up the .htaccess files which were clearly compromised with these Russian redirects.

However, even after ensur

Possible Duplicate: My server's been hacked EMERGENCY

My Ubuntu 10.04 LTS VPS has been hacked, probably via a WordPress site.

I was alerted to it when I noticed the incoming traffic was unusually high.

A WordPress site was littered with eval(base64_decode(...)) code in lots of files.

I can go directly to the site doublewing.org or www. without issue, but if I click on the link in google or yahoo it redirects to spam sites. Swagbucks works though! This is not on a single computer this happens on systems isolated from each other(Try it, avast blocks it) . The site is runing joomla 1.5.25 . I deleted .htacces, put fresh index.php and index2.php files.

Goal: Take existing content on the fully functioning Joomla! site and transition it to a drupal set up that is consistent with the parent university drupal theme I have my localhost running #! and have a fully functioning site using Joomla! and a fresh install of drupal.

[ubuntu] Vsftpd problem 32 weeks 4 days ago

Hi Guys!

I'm currently setting up my ubuntu 10.04 server running on a vps to host a Drupal Site. Now I'm already on the development stage of my drupal site and I also need to update some modules which could be done through FTP.

Now while searching over the web, I saw that to enable FTP on my ubuntu server, I have to install vsftpd.