My experience with Blog Hackers
Remember this post?
Stephen Ian Advincula
NOTICE OF COPYRIGHT INFRINGEMENT
Ladies and Gentlemen:
On behalf of www.atmaxplorer.com, owned and operated by Stephen Ian Advincula (the Owner)
As required under Sections 512(c)(3) and 512(d)(3) of the Digital Millennium Copyright Act (17 U.S.C. 512(c)(3) and 512(d)(3)), I was instructed to place you on notice that:
1. The owner (Stephen Ian Advincula) is the exclusive owner of the copyrights in and to the Atma Xplorer. This applies to all files and information related to atmaxplorer.com therein; and
2. Entering on the URL www.pdada.com, the website in question contains a fully copied version of Atma Xplorer (www.atmaxplorer), including all files and database.
3. All posts from pdada.com are exact copies of those found in www.atmaxplorer.com
Please immediately remove or disable all access to the Infringing Material.
I have a good faith belief that the use of the Infringing Material is not authorized by the Owner, its agents or the law. The information in this Notice of Copyright Infringement is accurate and under penalty of perjury, I am authorized to act on behalf of the Owner.
Should you require any further information regarding this matter, please contact me at the email address indicated below:
Very truly yours,
Stephen Ian Advincula
A simple whois on the domain reveals the information of the culprit:
998 Lancelot Drive
Norcross, GA 30071
This is a screen shot of the site infringing Atma Xplorer:
Please, remember it well.
Yep. My site has been copied, and just recently, hacked by some malicious individual. Who? Probably the same guy behind pdada.com. A quick trace of the last login in my cPanel has been traced to China. Not really surprising since the PHP bomb (or something similar to it) that was planted on my site was in Chinese.
Luckily, my host, Zanzhosting, keeps daily backups (I do keep backups too, but since they're forwarded to my email and it's been compromised, they were basically worthless). I'm currently reuploading the comments so it may take a while, but I've hardened my blog with double the security details I know.
What to do to prevent your site from getting hacked?
- Don't ever log in to your cPanel via a computer that you don't trust
- Keep track of what's in your directory
- Always, always keep backups in several SECURE places
- Choose a host that cares
While I didn’t actually do such a transaction, it’s possible that one or more of my browsing records were uploaded to the net and ended up with the bad guys.
A few hours before the hack, I noticed an /upload folder and ignored it. Guess you can say that was the key to this whole incident. When I browsed the contents of that folder, it contained the malicious script that opened the doors to the hackers.
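One way to act on "keep track of what's in your directory", as an added example (not code from this blog): it hashes every file under the web root and reports anything added, removed or changed, including a new top-level folder like the /upload one described above. The file names and contents in `demo()` are constructed.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map every file under root (relative path) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # do not follow links out of the web root
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            manifest[os.path.relpath(path, root).replace(os.sep, "/")] = digest
    return manifest

def compare(baseline, current):
    """Report what differs between a trusted manifest and the live tree."""
    added = sorted(current.keys() - baseline.keys())
    top = lambda p: p.split("/")[0]
    known_dirs = {top(p) for p in baseline if "/" in p}
    return {
        "added": added,
        "removed": sorted(baseline.keys() - current.keys()),
        "changed": sorted(p for p in baseline.keys() & current.keys()
                          if baseline[p] != current[p]),
        # a top-level folder that did not exist at baseline time
        "new_dirs": sorted({top(p) for p in added if "/" in p} - known_dirs),
    }

def _write(root, rel, text):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)

def demo():
    """Constructed site: take a baseline, then an upload/ folder appears."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "index.php", "<?php // home page")
        _write(root, "css/style.css", "body {}")
        baseline = snapshot(root)
        _write(root, "upload/x.php", "<?php // unexpected file")
        _write(root, "index.php", "<?php // home page, edited")
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

Keep the baseline manifest somewhere off the server, so that someone who can write to the site cannot also rewrite the baseline.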
My biggest mistake was that I had my backups in several places but they were not secure. I had them in my directory AND my email, which turned out to be the worst combination. In any case, I've set up several copies on my online storage sites so I can grab them anywhere and whenever I need them.
Throughout the ordeal, Zanzhosting was helping me along the way. Although most of the incident was my fault, they helped me get through it. The best service they've provided was the daily backups, since my most recent "good" backup was a week old.
If you see my site down again, that means I pissed off the hackers again AND they've managed to bypass my security again. In any case, at the moment, my site's back up and running although still missing a few items.
The sad part is that Register.com has yet to respond to my DMCA email. In any case, I'm just glad that I'm back. Bring on the $$$