Users should also check their .htaccess file. If it matches the date/time with the date time of attack provided by EUKhost, the contents should be verified.
Additionally, check for existence of special "shell" files, specifically php files that may use the "exec" function to steal weak passwords. A russian group has a very very powerful and commonly available tool that does this job automatically.
IF USERS SEE "99" IN ANY UNSUSPECTED FILENAME, E.G., 99.php, THEY SOULD IMMEDIATELY INFORM SUPPORT.
Yeah I shouted because it was needed, but no need to panic. One just needs to be careful and cautious at times of attacks, be it in cyber or real world.
Regds
IJ
|