PHP Developers Network

Phishing Attack on Another Website
Page 1 of 1

Author:  ambaum2 [ Sat May 12, 2012 4:12 pm ]
Post subject:  Phishing Attack on Another Website

I have been a developer for a few years and have not had much experience with phishing attacks. I work for an organization and yesterday they were subject to a phishing attack. I contacted the webmaster and no response. So we notified our members and our legal department contacted the sites host but no response yet. Out of curiosity I looked around on the site (a little wordpress blog) where the phishing page was and this file manager popped up and I was able to see everything the hackers did. The cloned login page of the our site and the php file that would store the usernames and passwords in a text file and email the hacker. So I copied the emails and notified those members and blocked their accounts. It looks like the hackers got the wordpress admin password and uploaded this tool "exploit db" into the uploads directory. Is this normally how these phishing attacks work and should I be able to see this tool? Or are these hackers just not very good? Also is there anything I can do? - if I delete the files they just put them back up. I did manage to change the hackers email address and he hasn't noticed so far. I'm just wondering if anyone has suggestions don't know if this was the right place to post.

Author:  requinix [ Sat May 12, 2012 6:20 pm ]
Post subject:  Re: Phishing Attack on Another Website

Are you sure it started off with phishing? That has to be combated with education for the privileged users and a good security model to restrict the access of the underprivileged users. Plus no security holes in the software but that's a given.

Author:  social_experiment [ Mon May 14, 2012 6:26 am ]
Post subject:  Re: Phishing Attack on Another Website

Page 1 of 1 All times are UTC - 5 hours
Powered by phpBB® Forum Software © phpBB Group