Link to home
Start Free TrialLog in
Avatar of bleggee
bleggeeFlag for United States of America

asked on

7MEMES.COM - Malware/Hack or Normal?

On my Linux/Apache Web Server, in the error logs I noticed several references to "7memes.com", failures trying to run "ROOT.PHP" from 7memes.com, etc.

Strange thing is, I somehow got a web page from my server being served up to me in a browser (I don't remember what I did to get there) and the Address Bar URL said "7memes.com", though the page was a very unique page from my web server.

Looks like 7memes.com is somehow connected to CLOUDFARE.

Does anyone know if this is Malware or some legit activity?

ASKER CERTIFIED SOLUTION
Avatar of David Favor
David Favor
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Strange thing is, I somehow got a web page from my server being served up to me in a browser

It sounds like your box may have been compromised

You may want to consider taking it off-line until you can go through everything or better yet, wipe it out and restore from backup after a clean install
Avatar of bleggee

ASKER

Thx David. Just to clarify, if you go to a Browser and enter "7memes.com" (and maybe refresh browser) I just added the initials "E.E." at the bottom of that short page. I just added that there to verify we are looking at my live web server (and not a copy of the page copied elsewhere).
So that means that if someone enter's 7memes.com, they will be directed to my server!!  
Any idea how they are doing that so I can stop it?  
1) So that means that if someone enter's 7memes.com, they will be directed to my server!

Sounds like the old Warez site hack, where many sites were hacked to serve pirated software...

Then, upon visiting the Warez site, you were directed to one of the many Warez site pirate software clones all over the world.

2) Any idea how they are doing that so I can stop it?

Yes... and this can be a bit of long conversation.

Open a new question about this topic, as this problem has a different answer set from the original question.