Hundreds of blogs hacked (Update)
 

I'm not sure if you recall my thread about a bunch of my WP blogs being hacked a while back. Some people gave some great advice and I can't recall who it was, but they said it was probably something residing in my computer. Whomever said that was correct. I was saving my user/pass as plain text from Filezilla and that's what they were getting their hands on. My websites were never hacked, they just got my FTP info and fucked me up.

If you use any FTP apps, DON'T save your passwords. As much of a pain as it is, manually input it every time. The couple seconds you save by having them in your site manager will only fuck you when you're fixing hundreds of websites.

Thanks for the great info, folks. Most of you guys rock.

yeah, that was a problem like ....... three years ago? when was the last time you updated Filezilla, in 1865?

I understand you completely, had one of mine servers with a bunch of wordpresses hacked completely, same method too - stolen passwords from cuteftp.

And yeah, its a MAJOR pain in the ass to fix it all.

Don't know if the hack you had was similar - a malign code fragments added on shitload of files throughout whole wordpress?

I had a programmer friend write me a script that scans and removes the code, he saved me DAYS AND DAYS of cleaning the shit out... :)

moral of the story: you're retarded.

SFTP for the win.

firewalls.. help with this.. on the serverside..

I had the same issue. SOlved it by installing another ANtivirus.
I know..I should get a MAC :P

^^this :2 cents:

filezilla is still being exploited :2 cents:

Don't use your browser for anything other than browsing.

How does SFTP solve anything if the passwords are stored in plain text?

Here I am on a webmaster forum sharing helpful advice to fellow webmasters and some douche bag decides to call me retarded. Only on GFY. This surfer probably thinks FTP stands for Filipino Tranny Penises. :disgust

Sorry for trying to help other webmasters.

I am not sure is it related to protocol,more likely it's about program,and i use WINSCP.
Here is pass which i just copy pasted from INI file for FTP (support both FTP and SFTP),try to login with it :)
A35C404C067034C8DEA1F4C57FFEF8733C9959B63E333E3E35 322F3E333E3E35322F72332E3B3A382F6A69682B6A6868E9CE

Stupid shit
http://en.wikipedia.org/wiki/Keystroke_logging

Ok...let me get this straight. The keyloggers didn't touch my bank accounts, my credit card accounts, my investment portfolios, my business accounts, my domain registrar accounts, my email accounts, my PayPal (and other online payment processors), my Ad words accounts, or any of my social network accounts. Just my FTP info so they could inject malicious content that phishes for ALL THE ACCOUNT INFO I LISTED ABOVE from other people? Please explain how that makes any fucking sense at all!?!? If they had full access to all my personal and professional accounts, why would they have to inject phishing scripts into my websites to gather the same information they had readily available using a keylogger?

I could be missing something, please enlighten me because your logic is as flawed as Courtney Love's face.

if i can hack your computer, i can install a keyloger on your computer.
If there is a bug that create a security breach, that's not because you saved your password that makes that this is the problem.

anyway do what you want.
If you can type manually hundred passwords, it's up to you...

Actually this is a very known problem with Filezilla. The whole saying, "you get what you pay for" rings true since Filezilla is free. And it's pretty easy to sniff out a keylogger but not a trojan whose sole job is to find a single text file and transmit the contents.

Do you really know how to code sql ?

What does coding in SQL have to do with this conversation? First of all, you don't "code" in SQL and I'm not running WAMP, MAMP, LAMP, or XAMP on my main system I have my FTP software installed. I have a dedicated box for that. Show me one local virus/trojan/logger that infects Windows 7 coded in SQL and I'll show you a retarded kid who's a member of Mensa. :2 cents:

troll alone

I no understand this mumbo jumbo.give me software to protect

This shit just happend to me

Guess nowadays anyone with 0 computer skills is a webmaster... Time for carreer name change

easy way to stop wp hacks: change permissions every time you want to edit...

what helpful advice? you got your PC keylogged and files stolen.

keep your computer secured, cumface, and you won't have these problems.

no shit, lol

hope the OP gets raptured

I had one of my Skype accounts hacked by some pissed off Chat Traffic Affiliate not to long ago, i couldn't retrieve the password for the account either. I signed up 2 Skype accounts with the E-mail address and it only sends me the information for the account i don't need. Fuck hackers, though i secretly wish i had powers like that sometimes. Thanks for sharing.

I've been developing websites since 1995 using Frontpage and putting the little Netscape Navigator Wheel on my sites. You're a fucking idiot. Talking shit about people you don't even know, Mr. Internet Tough guy.

And Internet User...suck a dick lady boy.

http://24.media.tumblr.com/tumblr_l8...lowso1_500.jpg

I made some posts about not storing passwords in your FTP clients or using secure ones (Total Commander > 7 with master password) or using Portable FileZilla (not installed on default location)...

"dsffdssdf" :upsidedow

Omg noobs.

i just use the easy to remember phrase 'ilikepoo' for ALL my passwords!

Impossible to guess !

hey the one hacked was you not me but cool man if you want it to be a dick size contest fine. you win your dick is bigger



but your online security skills still suck :)