Best Blackhat Forum

Major Update:

As the top request in our wishlist by many members, finally we have finished implementation of organic SEO Services. It's been put available in the membership area and you can order directly in the workshop section.

In regards to your business agency website update, please send us a message via Brand Submission Page with your corresponding information at your convenience, we will updated your site accordingly.

Thanks again for your guys and we always look forward to hearing your ideas/suggestions.

Best Wishes!
Sheng

Okay.. so here it ends my association with this Person/Company ..( They never mentioned name in email exchange. On asking, I was told in short "Chris". No where in site, the name is mentioned in About section. Very anonymous throughout.)

Today I found in my server WARNING that since 24th June, there were daily 1000 or 2000 mails sent from my admin mail. I immediately checked the date I shared the server details with you. that was on 20th Jun. I knew my server is compromised. I thought, it may be you or some of your team.

Checked with server support. In 10 min, they found the malicious script under the domain you installed your website for me. Quickly deleted the script.

/home/admin/domains/****/public_html/wp-includes/pomo directory

I knew it is difficult to trust some unknown guy on a blackhatforum. I should not have gone ahead with this BSO.
Lessons learnt. Never share your server details.

Thanks for teaching me the lesson.

(07-21-2015 04:31 AM)Harrylaw Wrote: [ -> ]Okay.. so here it ends my association with this Person/Company ..( They never mentioned name in email exchange. On asking, I was told in short "Chris". No where in site, the name is mentioned in About section. Very anonymous throughout.)

Today I found in my server WARNING that since 24th June, there were daily 1000 or 2000 mails sent from my admin mail. I immediately checked the date I shared the server details with you. that was on 20th Jun. I knew my server is compromised. I thought, it may be you or some of your team.

Checked with server support. In 10 min, they found the malicious script under the domain you installed your website for me. Quickly deleted the script.

/home/admin/domains/****/public_html/wp-includes/pomo directory

I knew it is difficult to trust some unknown guy on a blackhatforum. I should not have gone ahead with this BSO.
Lessons learnt. Never share your server details.

Thanks for teaching me the lesson.

Sorry to hear about the bad things on your website/server.

The reason we asked cpanel access is simply to set up real Done-For-You business website, that means when it's complete, it will be ready to go while you won't need to do anything, we just tried to eliminate as much work as possible from your end. As most hosting companies don't provide direct database access, cpanel is the ideal way to set up a website.

In addition, we never disclosed members' website or server access to any third party or use them for whatever purposes(if we have any plans for that, we will definitely notify in advance).

As for the website, it doesn't have malicious script/malware while we set up on your server, that is 100% Guaranteed.
I'm not sure if you have changed simple passwords or not, or disclose any access by accident, or maybe involved with other sites if possible..etc, there are too many causes, but we will never put up any malicious script on any website.

I'm not sure about other members, but we didn't receive messages from any other member telling malicious or mass email sending issues. We do apologize for that, and if you want, simply send us another email, we will fix any problem you have.

Best wishes!

Perhaps you didn't read my post !!!

I m repeating again.

1. I gave you server access to install wordpress on the domain.
2. You installed wordpress and also installed a malicious script mass emailing in the wp-include folder. Thankfully my hosting support found it and deleted.

/home/admin/domains/****/public_html/wp-includes/pomo directory

3. I noticed this after a month later. My server had several WARNING messages that 1000 mails are being sent daily from my admin mail.


I don't need to tell you what are the consequences for us. Our hosting would kick us out and mails from that domain will never land in INBOX now due to your ill business practice.

Can you explain why did you install a malicious script along with Wordpress installation.You used my server for your benefits. I want refund for 2 months I paid. This is not at all acceptable.

We read every single word of what happened on your site.
It seems you didn't understand what I'm saying.

The malicious script you mentioned are 100% put up later, not by us while we set up your business website initially.

For all other members, if you found any malicious script on your business agency website, feel free to post here and share with everyone.

Again if you still need help, contact us at any time. But we won't discuss the topic any more.

(07-21-2015 04:31 AM)Harrylaw Wrote: [ -> ]Okay.. so here it ends my association with this Person/Company ..( They never mentioned name in email exchange. On asking, I was told in short "Chris". No where in site, the name is mentioned in About section. Very anonymous throughout.)

Today I found in my server WARNING that since 24th June, there were daily 1000 or 2000 mails sent from my admin mail. I immediately checked the date I shared the server details with you. that was on 20th Jun. I knew my server is compromised. I thought, it may be you or some of your team.

Checked with server support. In 10 min, they found the malicious script under the domain you installed your website for me. Quickly deleted the script.

/home/admin/domains/****/public_html/wp-includes/pomo directory

I knew it is difficult to trust some unknown guy on a blackhatforum. I should not have gone ahead with this BSO.
Lessons learnt. Never share your server details.

Thanks for teaching me the lesson.

Hey man,

I have also the pomo directory....
What was the malicious file, so I can check?

Thank you.

Well, the mass mailing malicious script was inside your wordpress installation. And you didn't Install???
And the mass mailing started immediately the day after.

If you can't understand this, then you certainly 100% did not read my post. Better comprehension needed on your part.

I m reporting anayway. I like your defiance inspite of clearly mentioning what happened.
I would expect such replies anyway, if someone caught installing malicious script.

@Xell, don't know the name of file, Inside that directory my hosting support deleted the file.
They gave me the location as this directory.

Just check with your hosting support. They can do a search at least. If not found, then you are lucky.

My hosting found this same issue and suspended my account. They said the same thing about email spamming. I thought it was my fault but then checked. Now I see what you mean.

OP you got to do some serious explanation. This is not cool. If I had any clients and paid you for their website, you would have probably done the same thing... I cant imagine :/ this would have killed my reputation and put me into legal stuff.

I am not blaming you straight up. BUt how do you explain 3-4 people facing the same issues?

Speak up now. Prove us wrong.

Still not sure why you needed the cpanel logins when you could easily upload your wordpress theme directly from dashboard :/ hmmm

Man, I was getting excited to send you clients and then you F@$%^ up.. #smh #fml

Wow - was just about to jump on board with this.

What the hell is going on?