Got a Hack.... need to view log files

Yes we had the same hack happen a couple days ago,

Black background red writing, I heard it was done to several hosting companies at random. Not sure if this is what you had happen. It sounds the same since the hack we heard of only changed the front page to.

Our admin said the security hole was fixed with the 6.0 upgrade.

 

Does sound like the "guestbook" hack which has been fixed in 6.0. Happened to me as well and I clued in when I seen (in my Cpanel Error logs, so person only needs to check there) where there was an entry for "wget".

That's the only thing they can do/use with the "guestbook" hack and will usually upload an index file and/or image so they can have bragging rights.

 

Got a Hack.... index.html

Hello everyone,
We also had the same problem yesterday. Suddenly all our virtual servers index pages were changed to a funky page and we have left one in our server for preventing others. You may see tha page at: http://test.megapolis.biz. We dont know if the problem comes from guestbook but we found out a PHP SSH script in demo account! We just deleted the account.

Good luck,
Mashadi

cPanel.net Support Ticket Number: cPanel ID# 16994

 

Got a Hack.... index.html

Hello everyone,
We also had the same problem yesterday. Suddenly all our virtual servers index pages were changed to a funky page and we have left one in our server for preventing others. You may see tha page at: http://test.megapolis.biz. We dont know if the problem comes from guestbook but we found out a PHP SSH script in demo account! We just deleted the account.

Good luck,
Mashadi

cPanel.net Support Ticket Number: cPanel ID# 16994