All my images points to different address! possible hacker attack? All my images points to different address! possible hacker attack?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

All my images points to different address! possible hacker attack?

Started by artpapa, February 20, 2009, 11:09:06 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

artpapa

Hi. I had weird problem happens , somehow addresses of my images has been changed, instead the my gallery domain http://www.antonovart.com/gallery/  they are  start pointing to the http://www.google.com/gallery/.
I didn't change anything for a long time,  this is happened just couple days ago.
I don't know what to think, maybe   possible hacker attack?
Please help me where to look at!
He is the link with disappeared images: http://www.antonovart.com/gallery/

Ludo

Check your Coppermine URL under Configuration > General settings

artpapa

Quote from: Ludo on February 20, 2009, 11:43:54 AM
Check your Coppermine URL under Configuration > General settings
URL under Configuration > General settings is normal:   http://antonovart.com/gallery/

persianprince

Your gallery has been compromised.

In your /albums folder, you will have a .htaccess file which is redirecting all your images to Google.com.


Fabricio Ferrero

Yes, an existing .htaccess file it might be the reason of your problem. Anyways, update! If don't you are in risk to be hacked.
Read Docs and Search the Forum before posting. - Soporte en español
--*--
Fabricio Ferrero's Website

Catching up! :)

artpapa


McKenzie

What is written in that file? If there is only the forwarding to gooale gallery you can delete it.

Joachim Müller

You already have been hacked. There's no saying if the payload in the .htaccess file is all that the malevolent script kid has left behind. You need to sanitize your entire webspace as suggested in the thread "Yikes, I've been hacked! Now what?". Don't take this lightheartedly, this is serious.