(POSTING THIS IN CASE ANYONE ELSE IS GOING THROUGH THIS)
I have several sites hosted at HostGator including my vBulletin Forum. They have been up and down for the last few days with little or no explanation from the host.
We saw this when opening a forum page:
As it turns out, all of their servers were comprimised by a group of hackers using a zero-day exploit that targeted all IE visitors of our forum. Bad thing is it redirected all of our members to a malware site which in turn infected our members PC's with a trojan.
Hostgator just figured it out tonight but they still can't seem to stop it. More info at the Hostgator website is HERE
Also news articles here and here
So if you use HostGator or visit a vBulletin that does, you should patch your PC HERE . Other hosts are reporting attacks as well.
It has also been advised to change your cpanel password
It has also been rumored that eBay and Paypal were affected and some other hosts are currently being attacked. For more info, go to Google and search NEWS for "zero day exploit"
If you operate a vBulletin forum that was attacked you should notify your members to scan and update their PC's like we did.
I have several sites hosted at HostGator including my vBulletin Forum. They have been up and down for the last few days with little or no explanation from the host.
We saw this when opening a forum page:
HTTP/1.1 200 OK Date: Fri, 22 Sep 2006 01:53:37 GMT Server: Apache/1.3.34
(Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4
PHP/4.4.2 FrontPage/5.0.2.2635 mod_ssl/2.8.25 OpenSSL/0.9.7a X-Powered-By:
PHP/4.4.2 Cache-Control: private Pragma: private Content-Encoding: gzip
Content-Length: 9619 Keep-Alive: timeout=8, max=97 Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1 ‹ÿÝ]érÛH’þmEøªÙ1-y‚âÓ¦:»5ãCcÉí™ØØP€HÂJÖLìKìï—Y$%So«ÛTVUVVÞ•õ槓ÇWÿ¸8£x쉋ÏGïÎEe³^ÿÒ>®×O®NÄß»zÿN4k qZ~äÆnà[^½~ú¡"*£8žì×ëwwwµ»v-‡õ«Oõo«IÕËÍ8Õ²fÇvåàåÚîÑvÃnŋÊð,Ø8¾üαlzfìĆO6NÝÛnå8ðcÇ7¯î'NEôå»n%v¾ÅuøZôGV9q÷üòãæîî ÖÞf³"ê–oneèøNhź5
n¦žçÄ®/ÚµíZC6z¹öBB¶¼qîï‚ÐŽÒ {ªau„Óqµ×‹ª¶õ§QTU¿:^
âª~Jô+´«v`Ñwã{ù²zäZhIŸËGÄ ?
(Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4
PHP/4.4.2 FrontPage/5.0.2.2635 mod_ssl/2.8.25 OpenSSL/0.9.7a X-Powered-By:
PHP/4.4.2 Cache-Control: private Pragma: private Content-Encoding: gzip
Content-Length: 9619 Keep-Alive: timeout=8, max=97 Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1 ‹ÿÝ]érÛH’þmEøªÙ1-y‚âÓ¦:»5ãCcÉí™ØØP€HÂJÖLìKìï—Y$%So«ÛTVUVVÞ•õ槓ÇWÿ¸8£x쉋ÏGïÎEe³^ÿÒ>®×O®NÄß»zÿN4k qZ~äÆnà[^½~ú¡"*£8žì×ëwwwµ»v-‡õ«Oõo«IÕËÍ8Õ²fÇvåàåÚîÑvÃnŋÊð,Ø8¾üαlzfìĆO6NÝÛnå8ðcÇ7¯î'NEôå»n%v¾ÅuøZôGV9q÷üòãæîî ÖÞf³"ê–oneèøNhź5
n¦žçÄ®/ÚµíZC6z¹öBB¶¼qîï‚ÐŽÒ {ªau„Óqµ×‹ª¶õ§QTU¿:^
âª~Jô+´«v`Ñwã{ù²zäZhIŸËGÄ ?
Hostgator just figured it out tonight but they still can't seem to stop it. More info at the Hostgator website is HERE
Also news articles here and here
So if you use HostGator or visit a vBulletin that does, you should patch your PC HERE . Other hosts are reporting attacks as well.
It has also been advised to change your cpanel password
It has also been rumored that eBay and Paypal were affected and some other hosts are currently being attacked. For more info, go to Google and search NEWS for "zero day exploit"
If you operate a vBulletin forum that was attacked you should notify your members to scan and update their PC's like we did.
Comment