How was I hacked? Security experts....
Posted on 2006-03-30
Yesterday I discovered that number of files on my server had been hacked.
A new line of code has been added that opened an IFRAME and tried to download a trojan.
The files were chmodded to 777, so anyone could have written, but on checking i discovered that every file that was 777 suffered this attack.
What puzzles me is that these files were in a folder protected by .htaccess, the folder was 755, and Im the only person in the world that uses these files, so the filenames were linked to from anywhere else, how did the attacker discover the files, can anyone just browse my filesystem remotely?