WordPress.org

Ready to get started?Download WordPress

Forums

A hacker nest has been found - I need expert help (9 posts)

  1. joehark
    Member
    Posted 1 year ago #

    I host about 40 WP web sites. Over the past few months I have been in hell due to constant attacks that keep taking down my client's sites. It has caused me many hours every day, just to keep the sites alive. I have had to put about half the hosted sites into suspension just to focuses on saving the essential sites.

    But now I have an opportunity to fight back.

    I have discovered the sites where my hacker and his buddies are boasting about their attacks and posting details of how they operate. They even openly post their own names and photos. They assume that being in a far east country they are untouchable.

    I built up my business without out any technical knowledge so I do not understand what they are sharing, or how to block it. But surely someone here in WP does and I hope you are as angry as I am about what they are doing and are willing to help me stop them, protect my sites and them destroy them. Yes, destroy them.

    Anyone interested?

  2. Krishna
    Volunteer Moderator
    Posted 1 year ago #

    It seems that you are facing site defacement. Any way, it is similar to hacking, but the intruders deface everything and leave their own pages and claim responsibility. Are all your sites hosted with one hosting company? Did you alert them so that they may tighten the server side security. Also go through these:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://codex.wordpress.org/Hardening_WordPress

  3. joehark
    Member
    Posted 1 year ago #

    Thank you for your response. Yes, defacement and worse.

    I lease the server. I resell the hosting. This 15 year old son of bitch is destroying my business.

    Now that I have identified him and have a complete picture (literally I have his photo) of who is is and where he is and full details how he is attacking WordPress web sites, I am looking for someone here to help me stop him. I am not a programmer so I do not know the meaning of many of his acronyms but surely someoone else does. He uses them in his tutorials in the forums where he posts so they apparently are no big secret.

    Once my sites and the sites of his other victims (I have the list he posted only yesterday) are protected, I want to bring him before the authorities in his country and I want to make his idenity and actions public for his parents humiliation. They need to know and be resposnible for what they are offering the world in the way of a cold-hearted little bastard who enjoys hurting people for his own amusement.

    So, while I appreciate your response, I am looking for someone to help me as I outlined.

  4. Krishna
    Volunteer Moderator
    Posted 1 year ago #

    He uses them in his tutorials in the forums where he posts so they apparently are no big secret.

    I have seen and dealt with many such cases. But unfortunately, I have to say that hackers never give out their original identity. If he uses any such identity, that will be another fake identity.

  5. joehark
    Member
    Posted 1 year ago #

    I agree that hackers usually do not. But this guy posts personal details and even a photo of himself with his girlfriend.

    He posts his own web site URL. His personal web site page is openly registered and appears to have a valid email and phone number. He even posts links to his facebook and twitter account.

    How hard can the be to find even if he is using a fake name?

  6. Krishna
    Volunteer Moderator
    Posted 1 year ago #

    You may be right, though I have not seen any hackers revealing their identity that can be traced to a real address using which they can be brought to book. If your observation is true, he is doing so to please his girlfriend with his adventures, and he might not have tasted the ultimate outcome of his misadventures.

  7. joehark
    Member
    Posted 1 year ago #

    Well, I am hoping someone, perhaps a representative of WordPress will show some interest in what he is doing to their product and after he sees the tutorial that this creep has published, may WP will help me protect my sites from him.

    Once that is done I intend to turn the tables on him.

  8. But now I have an opportunity to fight back.

    I have discovered the sites where my hacker and his buddies are boasting about their attacks and posting details of how they operate. They even openly post their own names and photos. They assume that being in a far east country they are untouchable.

    I built up my business without out any technical knowledge so I do not understand what they are sharing, or how to block it. But surely someone here in WP does and I hope you are as angry as I am about what they are doing and are willing to help me stop them, protect my sites and them destroy them. Yes, destroy them.

    Anyone interested?

    Full and complete stop right now. Seriously.

    If you have information about illegal activities then report it to your local authorities and let them sort it out. If it's not them then they should be able to point you to the correct group that handles those complaints.

    If the authorities aren't interested then consider seeking real legal professional advice about what your actual options are.

    And if that doesn't do anything for you, go take a walk, enjoy the weather, and think happy thoughts.

    This is not the wild west, you don't attempt to round up the locals and "turn the tables on him".

    Anyone taking action to retaliate against people like that is looking to be fitted with shiny silver bracelets and having a terse conversation with some very stern people in a small room.

    Really, if you have a WordPress installation you can harden your installation/server and that will take care of it. Krishna already provided the links for that.

    I'm sorry that you've had a bad time of it with these malcontents but really, take a step back and relax. You'll only get yourself into trouble with mischief like that.

  9. HI Joe,

    I think that Jan is right. Reporting these criminals to the authorities is the best course of action. If you do seek revenge yourself you might compromise your business even more or give yourself an ulcer.

    Focusing your energy on hardening your sites would be a better way for you to spend your effort and will hopefully get them to back off. I know that I myself wouldn't feel properly adequate to go after a ring of hackers. These guys are pure nastiness and I would rather stay as far away as possible.

    I would also seek advice from your host. Perhaps they can give you guidance as to how they are accessing the site.

    With regards to resources, have a look at the free e-Book on Code Poet - http://build.codepoet.com/2012/07/10/locking-down-wordpress/
    It has great tips in there and it's very well written.

    Best of luck

Topic Closed

This topic has been closed to new replies.

About this Topic