The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unauthorized cPanel account access

Discussion in 'General Discussion' started by higherpraise, Aug 3, 2014.

  1. higherpraise

    higherpraise Registered

    Joined:
    Aug 3, 2014
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi
    I am getting major hacks against everything. a web site - Removed - has stolen all our materials 14 years of tabs and chords he has downloaded over 2 million files in the last 8 months by quick download software now he is attacking the site to try and get what he wants. He lives in another country and thinks its ok. My brute force is hit 50 times times a day and the firewall is overloaded by hits on the ftp. Using spoof ips and Google bot ips so when the brute force blocks the ip for 40 days it cannot Google cant search our sitefor new materials which has killed our ranking. the site. I am a newbie at cpanel.

    - - - Updated - - -

    Hi Again
    he hacked our tube video site and deleted 15 thousand videos. I had a back up up to july 2013 and lost 2500 videos july 17 2014
    we restored it and a week later he cracked our 18 digit pass code and did it again. I do not know how he is doing this. He opens fake accounts constantly ever 30 seconds when we delete them it then starts to delete videos. The video program is media share that we use HELPPPPPPPPPPPPP. Thanks
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    You need to scan complete server on first priority also please see if there are any root symlinks are available. This kind of attack generally occurs when root level hacking occurred.

    Also you can have a look at ASL kind of tool which is being much effective against hacking.
     
  3. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    You need to ask your hosting provider for help with this. As a site owner, without root access, your ability to address security problems is limited. Your hosting provider should be interested in helping you with this problem, because it potentially poses a threat to the other sites on the server as well as yours.

    Most of the items 24x7server mentioned are only available to you if you are the server administrator. You selected "Website Owner" as your access level in your forum profile, so by that I assume that you are not the server administrator. Your server administrator, which is your hosting provider, should be able to help you with this problem.
     
  4. lorio

    lorio Well-Known Member

    Joined:
    Feb 25, 2004
    Messages:
    243
    Likes Received:
    3
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Can you provide a link to the company where you downloaded/bought the "tube video site" software called media share?
    Or are you talking about a youtube account which was hacked?

    What computer are you using to login to your sites/accounts? Perhaps your local computer system was hacked first?
     
  5. corporatehost

    corporatehost Member

    Joined:
    Jul 17, 2014
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I agree with lorio

    Suspect that some kind of keylogger (malware) that can be installed in your local computer system infected firstly and sending the details to the hacker.

    Suggest you to run a full scan with UPDATED malware or antivirus software on the systems you're using locally and remove any malware found.
     
    #5 corporatehost, Aug 5, 2014
    Last edited: Aug 5, 2014
  6. johnnyriker

    johnnyriker Registered

    Joined:
    Jul 28, 2014
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Lorio is probably right. The hacker probably left a bot on your computer to report all your actions back to him or record them at the very least. This can be a big problem and very hard to correct if not found. You may want to migrate the databases and reload your software. Scanners can check for backdoors but you can never be sure if they are all closed and that no bots are reporting back. The only way to be 100 % sure is to pull the databases and reload software. It's not easy but then your sure that everything is good. Change all your passwords to individual ones. No passwords should be used in the same place. Make strong passwords and don't use old ones.

    I've been attacked by hackers but never compromised as of yet. Backup often if possible. Talk to youtube to see if they can rollback your account to a good point.

    Hope you get everything figured out.
     
Loading...

Share This Page