We just had a call from a customer telling us that our website has been hacked!
Sure enough.... Black screen and it says "american soldiers are murderers"...
Nice....:mad:
Luckily our web guy is a good friend, so he's on it. But it's just so maddening!!!

Ugh, why do they do it? And why go after someone so nice??

I'll send lots of butterflies to help you web guy get it cleaned up and locked down super quick.

Hugs, too,
~T~

That is just ridiculous. Do they honestly think that people are going to look at that website and say to themselves.."Hey, we didn't think of that! Let's do something about it?". No, it's just going to annoy everyone. Besides, they obviously don't know what they are talking about as "soldiers" refers to Army. Oh, and it's only AMERICAN soldiers that are murderers??? And to hack a CYCLING website. Yeah, that's going to send a message to the people of influence in the political machine. Sorry for the ramble. I just don't understand what it is they are trying to accomplish. Maybe my ramble is what they want, p&*ing everyone off! Then again, maybe it's a 14 year old with time on his hands.

(Guess my son is in the clear, he's a seaman.)

Hope your site is up and running soon. I really enjoy it.

Thanks u! and yeah I agreee, whats the point??!!
Our web guy must be having a time with it because it's still down...
UGH! And we needed to add some stuff to it today.
We are doing a special training program for El tour De Tucson, so I need to get the stuff up on the site... sigh...
UGH!!!!!

Edit to add... Just spent 15 mins on the phone with the host. Seems they got us good. The entire site is toast and needs to be rebuilt!!! FUDGE!!! I'm NOT happy!!

You aren't the only ones. I found this (http://www.neocrome.net/forums.php?m=posts&q=21218) when I googled "hacked by saldiray". The dates begin in 2006. Not a new one. There are also a lot of websites whose searches pull up "hacked by saldiray" on the search page. I'd like to see what's on their page, but am definitely not clicking there.

I am sorry that has happened to you. I just don't see the point, it is just distructive.

That is so frustrating! Those guys just look for any open site. To them it's just a number (the IP address) they don't care or even know most times what the site is for just that it's in the US. Mostly it's just kids in other countries with axes to grind and too much time on their hands. Hope you are up and running soon!

Punk-a$$es just looking to prove they can do it.
I hope they get busted but good.

Thanks u! and yeah I agreee, whats the point??!!
Our web guy must be having a time with it because it's still down...
UGH! And we needed to add some stuff to it today.
We are doing a special training program for El tour De Tucson, so I need to get the stuff up on the site... sigh...
UGH!!!!!

Edit to add... Just spent 15 mins on the phone with the host. Seems they got us good. The entire site is toast and needs to be rebuilt!!! FUDGE!!! I'm NOT happy!!

Doesn't your host or webmaster have back up files of your site? Seems like it would be as simple as resetting the server, changing the password and uploading the files. I always have clean back up copy of all my websites just incase something like this happens. I can't imagine having to start from scratch and rebuild everything! I sure hope there is a better solution for you out there.

Yes, don't you keep copies of your own website contents? :confused:
You mean neither your web hoster or you have copies of your page codes and images etc? That's not good.

Perhaps if you have nothing left, you can use the WayBackMachine archives to view your old pre-hacked pages, and then do a right-click "view source" on each one and copy the code and paste/create new pages from that?
WayBackMachine (http://www.archive.org/web/web.php)

It's still showing on the webpage:( People suck:(

CA

I just checked and google still has your site cached. I would hurry and copy the code before it goes away. To do this, go to google search and type in your companies name, then hit the "Cached" button at the bottom of your listing. Then go to "view source" and copy the code and paste it into a text editor program. Hopefully your webmaster still has all of the images. Hope this works for you. Good luck!

I just checked and google still has your site cached. I would hurry and copy the code before it goes away. To do this, go to google search and type in your companies name, then hit the "Cached" button at the bottom of your listing. Then go to "view source" and copy the code and paste it into a text editor program. Hopefully your webmaster still has all of the images. Hope this works for you. Good luck!

The main page is cached. The links that I checked were already gone.

I'm hoping that "re-build" just means setting everything back up....

CA

Doesn't your host or webmaster have back up files of your site? Seems like it would be as simple as resetting the server, changing the password and uploading the files. I always have clean back up copy of all my websites just incase something like this happens.

I will add you need your web people to figure out what was the way in. A restored back up will likely contain the exact same issue. Was it an out of date version of software, a php or sql vulnerability in one of your web forms, etc. Have to try and find the source of the vulnerability and shore it up...

Years ago, DH (private investigator) was working on a high profile child molestation case. His work computer was hacked the same way - just different message. Scarey thing was, the message pertained to his case. He lost everything.

Hard way to discover the value of backing up your computer on a regular basis! :mad:

I will add you need your web people to figure out what was the way in. A restored back up will likely contain the exact same issue. Was it an out of date version of software, a php or sql vulnerability in one of your web forms, etc. Have to try and find the source of the vulnerability and shore it up...

Yes, I was going to say -- this is probably why the site isn't up yet. If I understand properly, you have a host provider that probably has many users all with their own websites on one or more server machines. Then you also have your web developer, who wrote the content for your site and uploaded it to your business account on a server machine.

Even if all the files are backed up, there's no point in bringing the websites up again until the means of the hack is discovered; otherwise you might immediately get hit again. It's also possible they may audit the site code for all of their users and change their settings to not allow certain constructs. So some sites may need to be rewritten. (For example, there are certain settings in PHP that are much more secure than others.)