So, once again we’ve been hit by the pharma spam.
After lots of hair-pulling and scouring blog after blog after blog reading about other people’s experiences dealing with a pharma spam hack and the often long road to recovery, we’re almost certain the volunteerincambodia.org domain is clean. 3 separate security scans and cleanses by our hosts Host Gator have found 7 files that were either placed by hackers, or had malicious code injected into the file.
From all accounts, this kind of hack does not affect users. Google’s safe browsing scanner and numerous online scanners confirmed we were, and currently are not, infected by malware – malicious software which targets users. It simply destroyed our search engine results.
Please bear with us while our cleaned sitemaps pass through the Google system. We anticipate search results to appear suspicious for at least the next 7 days.
Are applicant details safe?
Yes. Applicant details are not stored on the server, and there is no risk of virus, malware, spyware or spam to users’ own PCs when using our website.
What files were hacked?
Our theme uses Uploadify. The version used by the theme was 3.0, which has been superseded by 3.2. The old code was vulnerable to a hacker using the application to upload a seemingly innocuous file named custom_dz.jpg. Instead of an image, this file was full of the suspect code. Uploadify has been updated to the latest version 3.2, which has been rewritten to deal with this very vulnerability.
We also had various test CMS systems, old databases, and old files. These were another vulnerability. As the test CMS installations were not actively maintained, various executable scripts had become outdated. Swift_SMTP_quartic.php, from an old install of CMS Made Simple, and an outdated file in PHPList, a common mailing list application, were used to inject files with nasty code.
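The disguised upload described above (a .jpg that holds code instead of an image) can be hunted for by comparing each file's extension with its leading bytes. The following is an added example, not code from this site, its theme or Uploadify; the function names, the script-marker list and the sample folder are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Leading "magic" bytes that real files of each image type start with.
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
# Assumed marker list: text that has no business inside an image file.
SCRIPT_MARKERS = re.compile(rb"<\?php|<script\b", re.IGNORECASE)

def check_file(path):
    """Return the reasons an image-named file looks suspicious (empty = fine)."""
    ext = os.path.splitext(path)[1].lower()
    if ext not in IMAGE_MAGIC:
        return []  # only image extensions are in scope here
    with open(path, "rb") as fh:
        data = fh.read()
    reasons = []
    if not data.startswith(IMAGE_MAGIC[ext]):
        reasons.append("content does not start with a %s signature" % ext)
    if SCRIPT_MARKERS.search(data):
        reasons.append("contains script markers")
    return reasons

def scan_tree(root):
    """Walk a directory and map relative path -> reasons for each flagged file."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            reasons = check_file(path)
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings

def demo():
    """Scan a constructed upload folder: one real JPEG header, one fake image."""
    samples = {
        "logo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32,
        "custom_dz.jpg": b"<?php /* constructed placeholder */ ?>",
        "readme.txt": b"plain text, ignored by the scan",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return scan_tree(root)

if __name__ == "__main__":
    for path, reasons in sorted(demo().items()):
        print(path, "->", "; ".join(reasons))
```

Point `scan_tree` at the real uploads directory to run the same check on a live site; a clean result does not rule out injected code in files with other extensions.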
So how does a hacker gain access to our server?
We used randomly generated 12-character alphanumeric passwords for FTP, cPanel, and our WordPress installation, but somehow the hackers managed to get through this.
For reference, our weakest password would take a desktop PC 276 days to crack.
Our strongest, 25 thousand years.
Test your own passwords. You might be shocked how quickly they can be cracked. How Secure is My Password?
We now have 20-character passwords, randomly generated, which include letters, numbers, and other symbols. We’re pretty confident of the security of the new password.