Originally Posted by
cordelli
This is actualy fairly common, we went through it a couple months ago at the office.
Using different issues in security, people are hacking into ISP's and making global changes to all the websites they can get access to. It doesn't need your username or password, it's just going directory by directory on the server making changes. It almost always happens on weekends so it goes unnoticed until the business day on Monday.
Interesting. That explains why only my webpages were changed, but not other .htm pages that internal defaults, e.g. "404 Not Found" and the like. What amazes me is it happened at least twice, as I had uploaded cleaned versions an hour or so before Peetah noticed my site was compromised again. Judging by the change dates of the files, there were three separate attacks -- one last week, one on Saturday, and then the one tonight. I just checked and everything looks okay now.
Your host needs to stop it, so drop them a note if you haven't done so already and let them know. If you use your host to keep any personal files like passport copies or anything like that so you can access them, consider they may have been compromised, and get them off there.
It's not fun to fix, but they go from host to host doing this
I did just that -- sent two trouble tickets and pulled off my passport copy. Hmmm. There are a bunch of photos of FlyerTalkers from one of BJ's Redwood Grill Dos still up.
