[Coco] CoCo3.com hijacked? -- WAS remtube demos - scaling, 3-D, SID player...
Roger Taylor
operator at coco3.com
Fri May 21 14:17:41 EDT 2010
At 12:04 PM 5/21/2010, you wrote:
>I'm not sure whether Roger is done with the repairs, but, today it appears a
>different re-direct is happening. I'm getting a www1.cosmosave7.com redirect
>today. This is on a machine that's never been to coco3.com. It tries to load
>a fake scanning page showing your system is badly infected. I stopped it
>before I got to the sales pitch that usually follows.
>
>If you disable JS on your browser for coco3.com, this does not happen.
>WordPress are obviously the target this time around as several I frequent
>have been attacked.
The site is not redirecting any more, and another backup has been made.
BlueHost should be ashamed, as should every other hosting company
that let these backdoor intruders waltz right into their servers and
alter thousands of blog sites.
It's the cleanest but most persistent hacker job I've seen because
the rats didn't go trash the place and damage databases, but trying
to fix all the .php files by hand is impossible. WordPress and all
the plug-ins is a massive file structure.
--
~ Roger Taylor
More information about the Coco
mailing list