Unauthorized cPanel account access

higherpraise

• August 03, 2014 07:05

Hi I am getting major hacks against everything. a web site - Removed - has stolen all our materials 14 years of tabs and chords he has downloaded over 2 million files in the last 8 months by quick download software now he is attacking the site to try and get what he wants. He lives in another country and thinks its ok. My brute force is hit 50 times times a day and the firewall is overloaded by hits on the ftp. Using spoof ips and Google bot ips so when the brute force blocks the ip for 40 days it cannot Google cant search our sitefor new materials which has killed our ranking. the site. I am a newbie at cpanel. [COLOR="silver">- - - Updated - - - Hi Again he hacked our tube video site and deleted 15 thousand videos. I had a back up up to july 2013 and lost 2500 videos july 17 2014 we restored it and a week later he cracked our 18 digit pass code and did it again. I do not know how he is doing this. He opens fake accounts constantly ever 30 seconds when we delete them it then starts to delete videos. The video program is media share that we use HELPPPPPPPPPPPPP. Thanks

• 

  24x7server

  • August 03, 2014 15:22

  Hello, You need to scan complete server on first priority also please see if there are any root symlinks are available. This kind of attack generally occurs when root level hacking occurred. Also you can have a look at ASL kind of tool which is being much effective against hacking.

  0
• 

  JaredR.

  • August 04, 2014 12:06

  You need to ask your hosting provider for help with this. As a site owner, without root access, your ability to address security problems is limited. Your hosting provider should be interested in helping you with this problem, because it potentially poses a threat to the other sites on the server as well as yours. Most of the items 24x7server mentioned are only available to you if you are the server administrator. You selected "Website Owner" as your access level in your forum profile, so by that I assume that you are not the server administrator. Your server administrator, which is your hosting provider, should be able to help you with this problem.

  0
• 

  lorio

  • August 04, 2014 12:53

  [quote="higherpraise, post: 1700222">he hacked our tube video site and deleted 15 thousand videos. The video program is media share that we use
  Can you provide a link to the company where you downloaded/bought the "tube video site" software called media share? Or are you talking about a youtube account which was hacked? What computer are you using to login to your sites/accounts? Perhaps your local computer system was hacked first?

  0
• 

  corporatehost

  • August 05, 2014 15:39

  Hi, I agree with lorio Suspect that some kind of keylogger (malware) that can be installed in your local computer system infected firstly and sending the details to the hacker. Suggest you to run a full scan with UPDATED malware or antivirus software on the systems you're using locally and remove any malware found.

  0
• 

  johnnyriker

  • August 08, 2014 16:05

  Lorio is probably right. The hacker probably left a bot on your computer to report all your actions back to him or record them at the very least. This can be a big problem and very hard to correct if not found. You may want to migrate the databases and reload your software. Scanners can check for backdoors but you can never be sure if they are all closed and that no bots are reporting back. The only way to be 100 % sure is to pull the databases and reload software. It's not easy but then your sure that everything is good. Change all your passwords to individual ones. No passwords should be used in the same place. Make strong passwords and don't use old ones. I've been attacked by hackers but never compromised as of yet. Backup often if possible. Talk to youtube to see if they can rollback your account to a good point. Hope you get everything figured out.

  0

Please sign in to leave a comment.