My account hacked

R

rag_gupta

Registered
Sep 16, 2013
2
0
1
cPanel Access Level
Website Owner
My CPanel/WHM account(two) have been hacked using some Cpanel vulnerability ... I think. To reduce risk of attack I'm maintaining Joomla sites in different account. In one account home directory a dasher.php was placed. While in other LICESNE.php was placed.

I've attached the original access_log which is encrypted with passwd.

The attack has come from IP : 199.115.117.242

You can see that an infection dasher.php was uploaded.

I've changed the login name, server name and the ip address in this log file

Can you please tell me what could be the vulnerability?
 
I

Infopro

Well-Known Member
May 20, 2003
17,091
516
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
I've removed the attachment from your post. There's no need for that here.

You might do better to take a closer look at your Joomla install and whatever plugins you're using to make sure it's all fully up to date.

If you require assistance in doing so, you might want to hire someone from the cPanel AppCat:

cPanel App Catalog

Good luck with this.
 
24x7server

24x7server

Well-Known Member
Apr 17, 2013
1,911
96
78
India
cPanel Access Level
Root Administrator
Twitter
Hello,

Install LMD scanner on your server and scan your whole server and remove all php shell script from your server and install ConfigServer Security Firewall along with Mod_Security.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
K My WHM/cpanel account hacked? No access to root Security 10
S Cpanel Account Hacked Security 3
C Cpanel Account Hacked, Or Just The Wp Sites? Security 2
vaishak My cpanel accounts are getting hacked again and again Security 2
M Problem about account been hacked Security 1
Similar threads
My WHM/cpanel account hacked? No access to root
Cpanel Account Hacked
Cpanel Account Hacked, Or Just The Wp Sites?
My cpanel accounts are getting hacked again and again
Problem about account been hacked
Top Bottom