I had nightly backups on two servers. All are gone.
I had offsite backups. They are gone.
They got in all the way to the cpanel and deleted databases under two domains. I am currently working to try and get back into the site enough to fix it.
And no. I don’t think it was Islamics. Here’s a list of the recent hits on my site:
Oceanside California United States
gate23-sandiego.nmci.usmc.mil (138.162.140.53)
Oceanside California United States
gate25-sandiego.nmci.usmc.mil (138.162.140.55)
Halifax Nova Scotia Canada
iusr5.gov.ns.ca
Washington District Of Columbia United States
weppsb02.northropgrumman.com (155.104.37.18)
Washington District Of Columbia United States
70.106.14.174
Dhahran Ash Sharqiyah Saudi Arabia
166.87.170.50
Amman Jordan
86.108.92.154
Colorado Springs Colorado United States
fwcluster.mda.mil (140.32.120.188)
Halethorpe Maryland United States
firewall.arinc.com (144.243.4.2)
Montgomery Alabama United States
proxy.maxwell.af.mil (132.60.240.80)
Springfield Missouri United States
unassigned.fema.gov (71.252.64.50) FEMA.GOV
Gaithersburg Maryland United States
roanoke.ncsl.nist.gov (129.6.101.38) NIST
Gaithersburg Maryland United States
rhine.ncsl.nist.gov (129.6.101.11) NIST
Also entries from guildassociates.com. GO to that site.
Anyone who has ANY of my old material on the Pendleton 8, please email me asap. kit.lange@gmail.com
Thanks so much.
I did some digging and see that you are hosted at ThePlanet.. I know for a fact that they do nightly backup of their servers.. so while its going to cost a bit.. any way you can call them and get it restored back to say.. last night? At least the site would be back.
As to the hack.. its a pretty common problem with wordpress.. seems there is a hack that exploits the input validation error in the wp-login.php file when processing a specially crafted variable, can be used to manipulate the “Forgotten Password” option.
Can you still log into the back end of wordpress or did they change your password as well?
I hope you can get the site up and running again.. I cant stand hackers no matter who they are.
Ping for any assistance and cached info ASAP.
A wing and a prayer for our heroes and those defending them.
THIS IS A LIST FROM EUPHORIADEV AS TO WHAT WAS DONE AND WHO RECENTLY VISITEDD HER SITE. NOTE ALL THE MILITARY SITES THAT VISITED HER SITE RECENTLY
I had nightly backups on two servers. All are gone.
I had offsite backups. They are gone.
They got in all the way to the cpanel and deleted databases under two domains. I am currently working to try and get back into the site enough to fix it.
And no. I don’t think it was Islamics. Here’s a list of the recent hits on my site:
Oceanside California United States
gate23-sandiego.nmci.usmc.mil (138.162.140.53)
Oceanside California United States
gate25-sandiego.nmci.usmc.mil (138.162.140.55)
Halifax Nova Scotia Canada
iusr5.gov.ns.ca
Washington District Of Columbia United States
weppsb02.northropgrumman.com (155.104.37.18)
Washington District Of Columbia United States
70.106.14.174
Dhahran Ash Sharqiyah Saudi Arabia
166.87.170.50
Amman Jordan
86.108.92.154
Colorado Springs Colorado United States
fwcluster.mda.mil (140.32.120.188)
Halethorpe Maryland United States
firewall.arinc.com (144.243.4.2)
Montgomery Alabama United States
proxy.maxwell.af.mil (132.60.240.80)
Springfield Missouri United States
unassigned.fema.gov (71.252.64.50) FEMA.GOV
Gaithersburg Maryland United States
roanoke.ncsl.nist.gov (129.6.101.38) NIST
Gaithersburg Maryland United States
rhine.ncsl.nist.gov (129.6.101.11) NIST
Also entries from guildassociates.com. GO to that site.
Anyone who has ANY of my old material on the Pendleton 8, please email me asap. kit.lange@gmail.com
Thanks so much.
How did they access your offsite backups?
Development of a yeast biosensor-biocatalyst for the detection and ...Guild Associates Inc., 1313B Ashley River Road, Charleston, SC 29407, USA. dschofield@guildassociates.com. Organophosphate (OP) poisoning can occur through ... www.ncbi.nlm.nih.gov/pubmed/17665192 - Similar pages