Today my colleague asked me “hey, you have change your website to an image or your website has been hacked?”. I thought he must be entered the wrong URL. Then I visit my own site. OMG, it shows me the following image:
Ouch .. who did that.. my site is not that popular what..
I tried to contact my webhosting provider (www.hostexcellence.com) using live chat but nobody is answering. The website is really slow. I tried to logon into my account manager site, the site is very slow too.
Finally, I’m able to logon to the account manager. I tried to investigate the problems. There were 2 files created by the “hacker”/”cracker”. My index.php was replaced and a new image file ownz.jpg was created. The owner (linux’s user) of the files is httpd. httpd is a apache web server. I really don’t know how the hacker can put the files into my folder via httpd. Maybe there was a security loopholes in httpd.
After that, I replaced the hacked with the original index.php and reported to hostexcellence.com. Hopefully they will solve the security problem as soon as possible else I have to move my files to other server.
