| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
X-Cart Home | FAQ | Forum rules | Calendar | User manuals | Login |
Warning: Iframe based attacks using stolen FTP access info | ||||
|
|
Thread Tools |
#71
|
|||||||||
|
|||||||||
Re: Warning: Iframe based attacks using stolen FTP access info
There's two methods on the hosts list. While we don't use windows servers (only unix) and our staff mainly use Linux desktops, here's the deal on the windows hosts list:
The host (your web server guys) shoudl be checking that file for any anomilities, however the USERS file can also be affected: http://en.wikipedia.org/wiki/Hosts_file Basically the file should be BLANK or at a minimum, known IPs. These are generally used to speed up searches and destinations on the web. Some people edit this file when they are moving sites from one server to antoher and want to test things. Anyway, the file shoudl be empty. Open the HOSTS file with Notepad and make sure the file doesn't have anything in it. If there's something in it, then esentially what it's doing is trying to reroute you to another location. If for example it has "yahoo.com" and then an IP number beside it, then that's probably fraud. Delete the line, and let it pick up yahoo on it's own.
__________________
Conor Treacy - Big Red SEO - @bigredseo Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding! If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet. Omaha SEO Office with National & Local SEO Services Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance |
|||||||||
#72
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Quote:
/me hands you some stinky socks
__________________
Emerson █ Total Server Solutions LLC- Quality X-Cart Hosting █ Recommended X-Cart Hosting Provider - US and UK servers █ Does your host backup your site? We do EVERY HOUR!!! █ Shared Hosting | Managed Cloud | Dedicated Servers |
|||||||
#73
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Quote:
127.0.0.1 localhost I am OK then?
__________________
X-Cart Gold 4.1.9 Smart Search (from Altered Cart) DSEFU Pro Product Meta Tags Plus Category Meta Title Control Latest Additions (BCSE) Remember Me login FireTank's Feed Manager Lightbox (BCSE) EWD Hosting |
|||||||
#74
|
|||||||||
|
|||||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Yes. If that's all that's in there, then you're fine.
__________________
Conor Treacy - Big Red SEO - @bigredseo Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding! If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet. Omaha SEO Office with National & Local SEO Services Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance |
|||||||||
#75
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Ok now i understand my pc is all ok thank god.
I have looked at the ftp log file and it seems they gained access on the 1st october the only work i have had done in this period was by xcart support???
__________________
X-Cart version 4.1.3 Blank DVD Blank Cd Blank Media Dvd Case http://www.discworlduk.co.uk |
|||||||
#76
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Thank you!
But I guess I won't be doing any online banking until this whole thing blows over.
__________________
X-Cart Gold 4.1.9 Smart Search (from Altered Cart) DSEFU Pro Product Meta Tags Plus Category Meta Title Control Latest Additions (BCSE) Remember Me login FireTank's Feed Manager Lightbox (BCSE) EWD Hosting |
|||||||
#77
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Thanks for that info Emerson.
None of our units are compromised, it's driving us crazy how this punk has gotten access... I wouldn't be surprised if he is an X-Cart copy holder and he's monitoring this forum... |
|||||||
#78
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Quote:
*Peter trying to decide which Tide to use, with or without Febreeze... These are some stinky socks!* |
|||||||
#79
|
|||||||
|
|||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Quote:
Might wanna go for pure bleach lol As far as safe don't feel to safe if your hosts file has not been tempered with as there still could be other problems. As far as I see there are only 2 ways here that this information has been obtained by the crooks 1. there has been a major security breach where a concentration on logins have been reached. This could be from a helpdesk of any developer that you have done business with and provided them with FTP login so they could work on your site. 2. Your computer is infected with a keylogger that is sending the login info to the hackers. Until we find out for sure how they are getting these logins no one is safe unfortunately.
__________________
Emerson █ Total Server Solutions LLC- Quality X-Cart Hosting █ Recommended X-Cart Hosting Provider - US and UK servers █ Does your host backup your site? We do EVERY HOUR!!! █ Shared Hosting | Managed Cloud | Dedicated Servers |
|||||||
#80
|
|||||||||
|
|||||||||
Re: Warning: Iframe based attacks using stolen FTP access info
Quote:
127.0.0.1 localhost ::1 localhost is the 2nd one anything to be concerned about? Thanks |
|||||||||
|
|||
X-Cart forums © 2001-2020
|