Messages

1

Installation, Update & Configuration / bank of america Phishing site

« on: September 24, 2007, 10:21:09 PM »

Hi there,

I received this email from my provider:

One of your clients got a phishing site at http://***/fotoalbum/data/www.bankofamerica.com/index.htm. It appears to be a insecure PHP application which allowed uploads to /usr/home/***/www/fotoalbum/data/www.bankofamerica.com/ folder. I have chmoded the folder to 000 permissions so that the pages are disabled. Kindly remove the phishing pages and upgrade the PHP script you are using.

This installation was installed via Fantastico (4images 1.74.)

How can I stop this from happening again?

2

Discussion & Troubleshooting / torrentflux-b4rt_1.0-beta1

« on: August 13, 2007, 08:01:54 PM »

Hi guys,

I was backing up a client's site via FTP in Dreamweaver when I noticed that it was taking too long. I noticed large files being downloaded. I investigated & found that 532mb of files were located in a folder called "torrentflux-b4rt_1.0-beta1" in the 4images "thumbnails" folder I had downloaded to my computer.

Has my client's site been hacked? I did not upload these files to the site?

I have uninstalled this 4images gallery via Fantastico.