- 이 주제에는 1개 답변, 1명 참여가 있으며
가 1 년, 5 월 전에 전에 마지막으로 업데이트했습니다.
- 게시글
제목 : Your Site Has Been Compromised
보낸 사람 : Hacker <no-reply@tokomamatina.nl>
내용 :
Your Website Has Been CompromisedYour Site Has Been Hacked
PLEASE F0RWARD THIS EMAIL T0 SoME0NE IN YoUR C0MPANY WHo iS ALL0WED To MAKE IMPORTANT DECISI0NS!
We have hacked y0ur website and extracted your databases.
How did this happen?
our team has f0und a vulnerability within y0ur site that we were able to expl0it. After finding the vulnerability we were able t0 get y0ur database credentials and extract your entire database and m0ve the information t0 an 0ffshore server.
What does this mean?
We will systematically go thr0ugh a series 0f steps 0f totally damaging your reputati0n. First y0ur database will be leaked 0r s0ld to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their inf0rmati0n has been s0ld 0r leaked and your site was at fault thusly damaging your reputati0n and having angry cust0mers/associates with whatever angry customers/associates do. Lastly any links that y0u have indexed in the search engines will be de-indexed based off 0f blackhat techniques that we used in the past to de-index our targets.
How do i stop this?
We are willing t0 refrain from destr0ying your site’s reputati0n for a small fee. The current fee is $3000 in bitcoins (0.15 BTC).
Please send the bitcoin to the foll0wing Bitcoin address (C0py and paste as it is case sensitive):
3GUtrSpxpYwgY1qahtPTJ6Goagm2fRkB6R
once y0u have paid we will aut0matically get inf0rmed that it was y0ur payment. Please n0te that y0u have t0 make payment within 3 days after 0pening this e-mail or the database leak, e-mails dispatched, and de-index 0f y0ur site WiLL start!
H0w d0 i get Bitcoins?
Y0u can easily buy bitcoins via several websites or even 0ffline fr0m a Bitcoin-ATM.
What if i d0n’t pay?
if y0u decide not t0 pay, we will start the attack at the indicated date and uphold it until y0u do, there’s n0 counter measure to this, y0u will only end up wasting m0re money trying to find a solution. We will c0mpletely destroy y0ur reputati0n am0ngst go0gle and y0ur cust0mers.
This is not a h0ax, do not reply to this email, don’t try to reas0n or negotiate, we will not read any replies. 0nce y0u have paid we will st0p what we were d0ing and you will never hear fr0m us again!
Please note that Bitcoin is anonym0us and n0 one will find out that y0u have complied. Finally don't reply as this email is unm0nit0red.
진짜로 해킹한 건가요?
어떻게 해야 하나요?- 현재 워드프레스 PHP 7.3 / MySQL 5.7 환경에서 이용 중인데 워드프레스에 "사이트가 오래된 버전의 PHP (7.3.25)에서 작동중이며 보안 업데이트를 받지 못합니다. 업데이트 하세요."라는 문구가 계속 노출되서 호스팅 업체에 PHP 7.4 / MySQL 8.0로 업데이트 요청한 상태입니다.
- UpdraftPlus Backup/Restore 플러그인에 백업은 해두었습니다.
- SSL은 Really Simple SSL 플러그인 설치되어 있는데 "SSL is activated on your site. You still have 7 tasks open."라고 뜨면서 43%만 progress 중이라고 합니다.
"Automatic certificate detection is not possible on your server." 경고가 떠 있고요.
"To prevent attackers from identifying the renamed administrator, activate the 'Disable User Enumeration' setting."이 open되어 있어서 fix하러 들어간 후 "Disable user enumeration" 옵션을 켜고 save를 하는데도 이상한 게 complete가 안 됩니다. 계속 fix하라고 open인 상태입니다.워드프레스 웹사이트 보안 전문가 분들 도와주세요.
- 답변은 로그인 후 가능합니다.