Weekend


I am tired now, very tired. Friday morning started great, got up and went running. That felt good. When I got home I had a message waiting for me from the CTO of a credit union in Portland saying that my website was being used for a phishing attack on the credit union customers. No way! That sucks! I quickly got onto my web server and started to check things out as I called the CTO. It appears that my web server was compromised through Dotnetnuke. I haven’t updated it in a while and apparently there is a massive security hole in the version that I was running. This exploit allowed the attacker to upload files to my web server. They installed a piece of software that collects data from web site forms. An an instance of WAMP to run the fake site and allow them to collect data from the phishing attack. I have all the logs and folders from the attack and will turn everything over to the authorities. I must once again say, that sucks!

Information and Links

Join the fray by commenting, tracking what others have to say, or linking to it from your blog.

Information
October 11th, 2008
No Responses
Feeds and Links
Comment Feed
From This Author
Del.icio.us
Digg
Technorati
Categories
General

Other Posts

Write a Comment

Take a moment to comment and tell us what you think. Some basic HTML is allowed for formatting.

Reader Comments

Be the first to leave a comment!



Kontera DynamiContext Plugin plugged in.
Skip to toolbar