Link to home
Start Free TrialLog in
Avatar of axtur
axtur

asked on

Site hacked by muslims

One of my sites has just been hacked by muslims..

What can be going wrong?? How can i fix it??

Here's the screenshot. I'm shocked, the holy war in my website :S

http://img81.imageshack.us/img81/9388/hackingmuslimswl1.jpg
Avatar of Fezzly
Fezzly
Flag of United States of America image

What might your site be about?
Avatar of axtur
axtur

ASKER

This is an adult website. No politics, no religion.
Well, I'm assuming it was a joke for the Muslim thing because It probably wasn't. As for fixing it you might want to contact a administrator for the server your website is curretly hosted on. What could be going wrong? Well I guess not every one is fond of adult websites? Maybe because it was just for fun.
ASKER CERTIFIED SOLUTION
Avatar of greymirror
greymirror
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of axtur

ASKER

Hi,

Have you checked out the screenshot from my site??

See this picture: http://img81.imageshack.us/img81/9388/hackingmuslimswl1.jpg

It says clearly they are muslims, and signed with the next sentence:

"Casus Team from  Syria and Turkey defacer"  Holy war by muslims.

If they are not muslims at least they claim to be so, why shouldn't i believe it??

I've been googling about this and I've found out that there is an online "holy war" of several muslim hackers hacking western sites. Sounds as weird as it is.

I know that my site content (its an adult site) is totally against their beliefs and laws, but I don't live in a muslim country and my site is not even hosted in a muslim country.

Im trying to fix it and reporting this issue to my server. Probably they've changed my index.php page for theirs.

By the way, my server is hosted in Denmark, as I'm in EU.
Avatar of axtur

ASKER

Tomorrow I'll check the technical issues, now I was more concerned about the reasons, rather than the thechnical aspects.

I think I've found the reason, as i stated before, my hosting company is in denmark. So probably this has nothing to do with the content but with the hosting company location.

http://www.pcpro.co.uk/shopper/news/83314/muslim-hackers-blast-denmark-in-net-assault.html
Avatar of Tolomir
Indeed, that will be still the Denmark thing.

Apart from that it's not normal that a site is hacked by anyone. If they DDOoS-ed your site it would be a real problem but the defacement should be "easy" to resolve. Fix any security problems.

A DDoS would take a bit longer....

Tolomir
Avatar of axtur

ASKER

Fixed!

They deleted my index.php file and placed theirs, I was trying to overwrite it (theirs) by mine, but it wouldn't let me to do it, i had to delete it and then upload mine again.

how could they do such thing?? Whats wrong with my settings?
axtur,

> One of my sites has just been hacked by muslims..

So?

> What can be going wrong??

Secure the site

> How can i fix it??

Learn how to secure, then do. For one, it is likely illegal and authorities may have an interest. If it is your server, your administration, this you must do. If it is a service you are being provided with, then you can be the dumb role, they need to know whether it is to secure it for you, or to find out what you did or did not do that enabled this. That would not only help them, be be valuable information for them for their other clients.

> Here's the screenshot.

I'll skip it. For now, given site is typecast now as vulnerable. If it is vulnerable to one attack, and the option to exploit has been taken, how does anyone know that it was not exploited in any other manner?

> This is an adult website. No politics, no religion.

In other words, among the favorite targets of many

> Well I guess not every one is fond of adult websites? [Fezzly]

Exactly

> It says clearly they are muslims, and signed with the next sentence:

So? Anyone can say anything. So what if I post it was a message from Santa Claus? Believe it? The belief is not the point. The nature is political, and I agree that you got that part just right, whatever the source.

> f they are not muslims at least they claim to be so, why shouldn't i believe it??

For one, if someone was interested in cloaking attempt to identify source, one is less likely to be truthful. For another, Muslim is a general term, so where someone who actually thinks that they act as Muslim, even politically, may not find much agreement with their actions among other Muslims.

Try this on for size: If Muslim disappove of a website like yours, then how do they know if it exists unless they are looking, and if they are looking, can they really be Muslim? Same can apply to Christian and others, where they think they should not look, than why are they found describing it, if not actually looking?

> there is an online "holy war" of several muslim

I can agree that such is of news, which still does not translate to the truth of the matter. Regardless, with all the different types of internetting attacks on the web, it goes better to focus on protecting the filesytsem before attempting pschoanalysis. Priorities must be straight.

>  know that my site content (its an adult site) is totally against their beliefs and laws, but I don't live in a muslim country and my site is not even hosted in a muslim country.
> my server is hosted in Denmark

That country is supposed to be among the favored targets of such a group btw, it has nothing to do with who lives where, the internet is global.

> Im trying to fix it and reporting this issue to my server

Good

>  know that my site content .. is totally against their beliefs

And they are not alone, possibly a minority in that aspect. However, some have more interest in hiding their acts, so try to feel good or better about that, they are warning you of your vulnerabilty, isn't that nice. Better off getting defaced than some of the alternatives.

This is similar to graffiti. It is not similar to home invasion.

> Tomorrow I'll check the technical issues, now I was more concerned about the reasons, rather than the thechnical aspects.

Again, priority ought to be the security, the technical, not the mind-reading. First things first.

Tolomir>  defacement should be "easy" to resolve. Fix any security problems

Exactly.

> how could they do such thing?? Whats wrong with my settings?

We could say that we do not know what all of your settings are, but in the nature of the question, how do we know that you are being truthful, and not someone trying to learn how to do such a thing? At least remember that this is a public forum, that many who would access your site later, may access this site first. Rather, try in the security TA a separate question concerning things to do to secure a system, a more general approach, than making a list of what attacks works under what conditions, a how-to manual or whatever
They must have gotten a password that enables them to get to the file system (either yours or sysadmins or root or ...).

Talk to the people who run the site.  They frequently have log-in logs.  Someone must have had permission  to "update" this file.  Alternately, some people believe prayer works.
Some people believe in their alderMan and elected representatives and officials and firewalls
Just get better security O_o .
Avatar of axtur

ASKER

I don't know how to improve my security, I just set the right permissions for the right users, and password-protect everything that should be password-protected.

It looks like my website rootfolder had writing permissions enabled to everyone. (777). Now i've changed that.

Anyway, I don't know whats the point with doing such actions.
Learn