Bitcoin Forum>Other>Archival
Pages:
Author

Topic: How was I hacked? - page 2. (Read 1685 times)

EcuaMobi
legendary
Activity: 1862
Merit: 1469
Re: How was I hacked?
March 20, 2015, 10:56:47 AM
#10
Quote from: ak111in on March 20, 2015, 10:48:01 AM
Quote from: EcuaMobi on March 20, 2015, 10:14:16 AM
Are you using the latest version of phpMyAdmin? I think an older version had a security bug.
Also is it installed on tje default /phpmyadmim? Try a unique URL. Just to confirm I guess it uses SSL right?
And finally make sure to use .htpasswd besides the normal DB password. Were you already using it?
Have updated everything now, but do not have SSL or .htpasswd

If you think the hacker may have accessed the DB that way you should definitely add those. Regarding SSL a self signed certificate would do, just to prevent your DB password from being sent as plain text.
ak111in
full member
Activity: 180
Merit: 1003
Re: How was I hacked?
March 20, 2015, 10:48:01 AM
#9
Quote from: EcuaMobi on March 20, 2015, 10:14:16 AM
Are you using the latest version of phpMyAdmin? I think an older version had a security bug.
Also is it installed on tje default /phpmyadmim? Try a unique URL. Just to confirm I guess it uses SSL right?
And finally make sure to use .htpasswd besides the normal DB password. Were you already using it?
Have updated everything now, but do not have SSL or .htpasswd
EcuaMobi
legendary
Activity: 1862
Merit: 1469
Re: How was I hacked?
March 20, 2015, 10:14:16 AM
#8
Are you using the latest version of phpMyAdmin? I think an older version had a security bug.
Also is it installed on tje default /phpmyadmim? Try a unique URL. Just to confirm I guess it uses SSL right?
And finally make sure to use .htpasswd besides the normal DB password. Were you already using it?
ak111in
full member
Activity: 180
Merit: 1003
Re: How was I hacked?
March 20, 2015, 06:22:29 AM
#7
Quote from: abyrnes81 on March 20, 2015, 06:14:33 AM

Have you checked your e-mail address? Has been it compromise or not? Maybe the hacked 'caught' the access to your address and requested a password reset for you admin vps account.

There are no signs that my email has been compromised, since all the changes were made only in database I think he did not get access to my vps account or ssh but only got through phpmyadmin.

Quote from: zetaray on March 20, 2015, 06:11:46 AM
A long password takes too long to bruteforce. Hackers usually go for faster and easier ways. if the site is important to you, spend some btc and hire a white hat hacker to hack your site. Then you will know.
Can you suggest someone or where can I find one Smiley
abyrnes81
hero member
Activity: 714
Merit: 500
Re: How was I hacked?
March 20, 2015, 06:14:33 AM
#6
Quote from: ak111in on March 20, 2015, 06:11:56 AM
Quote from: abyrnes81 on March 20, 2015, 06:10:01 AM
Quote from: ak111in on March 20, 2015, 05:58:18 AM
Hi,
Today my bitcoin based website was hacked. The hacker changed the password of admin and other major accounts and changed the withdrawal bitcoin address of all accounts which had major balance. Though I did not lose any bitcoins as he broke the website by messing up the database and I became aware of the hack. The hacker was able to access my database , I suppose through phpmyadmin but I think he was not able to get ssh root access.

So I want to know how feasible it is to brute force a 17 character password having numbers+characters+symbol or should I look for any other way the hacker may have got in.

Hacker bitcoin address to which all the withdrawal addresses were set: 1A8AzZSQp2oxzdSJeUUpoNmeff9bLQKBRo

Regards

Most probable the hacker didn't bruteforce the password, it was another external type of attack (maybe as you said ssh root access). Can I ask you where have you stored your site? On a vps or professional hosting?

vps

Have you checked your e-mail address? Has been it compromise or not? Maybe the hacked 'caught' the access to your address and requested a password reset for you admin vps account.
ak111in
full member
Activity: 180
Merit: 1003
Re: How was I hacked?
March 20, 2015, 06:11:56 AM
#5
Quote from: abyrnes81 on March 20, 2015, 06:10:01 AM
Quote from: ak111in on March 20, 2015, 05:58:18 AM
Hi,
Today my bitcoin based website was hacked. The hacker changed the password of admin and other major accounts and changed the withdrawal bitcoin address of all accounts which had major balance. Though I did not lose any bitcoins as he broke the website by messing up the database and I became aware of the hack. The hacker was able to access my database , I suppose through phpmyadmin but I think he was not able to get ssh root access.

So I want to know how feasible it is to brute force a 17 character password having numbers+characters+symbol or should I look for any other way the hacker may have got in.

Hacker bitcoin address to which all the withdrawal addresses were set: 1A8AzZSQp2oxzdSJeUUpoNmeff9bLQKBRo

Regards

Most probable the hacker didn't bruteforce the password, it was another external type of attack (maybe as you said ssh root access). Can I ask you where have you stored your site? On a vps or professional hosting?

vps
zetaray
hero member
Activity: 658
Merit: 500
Re: How was I hacked?
March 20, 2015, 06:11:46 AM
#4
A long password takes too long to bruteforce. Hackers usually go for faster and easier ways. if the site is important to you, spend some btc and hire a white hat hacker to hack your site. Then you will know.
abyrnes81
hero member
Activity: 714
Merit: 500
Re: How was I hacked?
March 20, 2015, 06:10:01 AM
#3
Quote from: ak111in on March 20, 2015, 05:58:18 AM
Hi,
Today my bitcoin based website was hacked. The hacker changed the password of admin and other major accounts and changed the withdrawal bitcoin address of all accounts which had major balance. Though I did not lose any bitcoins as he broke the website by messing up the database and I became aware of the hack. The hacker was able to access my database , I suppose through phpmyadmin but I think he was not able to get ssh root access.

So I want to know how feasible it is to brute force a 17 character password having numbers+characters+symbol or should I look for any other way the hacker may have got in.

Hacker bitcoin address to which all the withdrawal addresses were set: 1A8AzZSQp2oxzdSJeUUpoNmeff9bLQKBRo

Regards

Most probable the hacker didn't bruteforce the password, it was another external type of attack (maybe as you said ssh root access). Can I ask you where have you stored your site? On a vps or professional hosting?
Come-from-Beyond
legendary
Activity: 2142
Merit: 1009
Newbie
Re: How was I hacked?
March 20, 2015, 06:07:03 AM
#2
Quote from: ak111in on March 20, 2015, 05:58:18 AM
Hi,
Today my bitcoin based website was hacked. The hacker changed the password of admin and other major accounts and changed the withdrawal bitcoin address of all accounts which had major balance. Though I did not lose any bitcoins as he broke the website by messing up the database and I became aware of the hack. The hacker was able to access my database , I suppose through phpmyadmin but I think he was not able to get ssh root access.

So I want to know how feasible it is to brute force a 17 character password having numbers+characters+symbol or should I look for any other way the hacker may have got in.

Hacker bitcoin address to which all the withdrawal addresses were set: 1A8AzZSQp2oxzdSJeUUpoNmeff9bLQKBRo

Regards

Recent hacks of Bitcoin related sites and exchanges hint that it's a 3-letter agency behind them. You should ask Snowden how your website was hacked.
ak111in
full member
Activity: 180
Merit: 1003
Re: How was I hacked?
March 20, 2015, 05:58:18 AM
#1
...
Pages:
Bitcoin Forum>Other>Archival
Jump to: