Phishing Page = Suspended Account

[jeffbro]

I received this:

It appears that your website www.romdev.net has been hacked by a fraudster. It is now hosting a phishing attack against JPMorgan Chase.
Please remove the fraudulent folders/files as soon as possible and secure your website as it has been compromised.
Please note that it is possible that the fraudulent content is embedded in your website's legitimate files.

http://www.chase.romdev.net/ChaseOnl...es&=nba/signin

In addition, please send us any source files of the attack.
Please let us know if you have any questions or need further assistance. We appreciate your cooperation.

Best Regards,

RSA Anti-Fraud Command Center
RSA, The Security Division of EMC
US Phone: +1-866-408-7525
Email: afcc@rsa.com
For more information about RSA's AFCC
http://www.rsa.com/node.aspx?id=3348


I do not know how these files/folders got on my server space. I did not create them or upload them there. I removed all I could find last night on my server space and now I am suspended again. I need some help.

[Maxim M.]

Hi,

It can be all solved within the support system ticket.
Our technicians can remove the fraudulent content with your approval and check logs for the IP it was uploaded from.

In your case it looks like FTP account's been hacked. You need to change all your hosting related passwords as soon as possible.
Use symbols and numbers to increase the password security and do not save any logon details in your browser.

[jeffbro]

I have. It just seems to take so long for Support to answer via the Ticket Submission process. Probably seems like a long time because the account is down and I get so many emails regarding that. Support has replied and hopefully are doing what needs done to secure the account to un-suspend it.

Is there any way WHB will offer support for upgrading phpbb2 to phpbb3? I have tried three times and screwed it up all three times. So for now I just leave it at version 2 that you provide thinking that if you offer it, the software should not be so vulnerable to attacks as it is.

Any chance you guys can offer updating this software to eliminate these attacks on the server?

[Maxim M.]

Hi,

We do not assist with 3rd party software upgrades.

Right now you can try out a one-click install of phpBB (3.0.7-PL1) with our Fantastico set of scripts:

http://www.netenberg.com/fantastico_scripts.php

It's available in your cPanel but you can't upgrade your current installation this way - Fantastico creates a new database.

[jeffbro]

Thank you for your reply. I'll try that.