Blogs Hacked & Redirected to BigAndBest.com

Blogs Hacked & Redirected to BigAndBest.com

Written by Mohammed Farooq

Topics: How to, News

Yesterday, I Found my site stylosoft.com got hacked by someone and redirected to news.bigandbest.com the biggest problem I see that. Stylosoft.com/post-title also redirects & all of my Articles are published there; they fetched Article from Different Blogs & published in their blog. They own a multi blog and fetching articles from different blogs to different 12 sub-domains. There sub-domains are given below:-

business.bigandbest.com (2871 Articles)

design.bigandbest.com (3722 Articles)

dev.bigandbest.com (722 Articles)

health.bigandbest.com (313 Articles)

blackbox.bigandbest.com (3348 Articles)

themes.bigandbest.com (603 Articles)

cars.bigandbest.com (2155 Articles)

mobile.bigandbest.com (1022 Articles)

news.bigandbest.com (852 Articles)

tech.bigandbest.com (3208 Articles)

binzphone.bigandbest.com (3018 Articles)

yum.bigandbest.com (8209 Articles)

Total 30043 Articles got publish in bigandbest.com from hundred of blogs.

My Blog Security Break by them:-

  • Anti-Virus Plugin
  • Login Locked Down
  • .htaccess
  • Maximum Permission 644 for all files
  • Difficult Cpanel Password
  • Custom Username & Password for wp-admin login.
  • And many others security fixes I have in my blog.

Solution:-

They bloody folks just fetch articles first and by accessing the site and add 1 php extension file named called alaa.php (Hidden). This redirects your domain & all pages to their domain sub-domain.bigandbest.com.

You just delete that file which is hidden access hidden files by using ftp. (FileZilla or cuteFTP). After deleting that file your site will work properly.

Change these things in your Blog:-

  • Cpanel Password
  • .htaccess Permission (644 Recommend)
  • Change WordPress Username/Password

Change your secret keys.

  • If they stole your password and are logged in to your blog, even if you change your password they will remain logged in. How? Because their cookies are still valid. To disable them, you have to create a new set of secret keys. Visit the WordPress key generator to obtain a new random set of keys, then overwrite the values in your wp-config.php file with the new ones.
  • Read Donncha O Caoimh’s guide on what to do.
  • Once your site is secured, check your site logs to see if you can discover how the hack took place. Open source tools like OSSEC can analyze your logs and point to where/how the attack happened.

I filed complained about them:-

Adsense:-

They’re using adsense for monetizing their website. I have filed complain to adsense to block that domain. In the near future it will be block.

I have all the log files. I told about this to Cyber Police. May be they will take action about them for hacking & copyrights infringements.

More Discussion will be continue in comments 🙂

Comments

comments

6 Comments For This Post I'd Love to Hear Yours!

  1. Mobile websites says:

    Give more information about the black hacked & redirected topic in the next article in this blog.Add more features for the readers.Thanks

  2. Katty Smith says:

    It was extremely interesting for me to read that post. Thanx for it. I like such themes and anything connected to this matter. I definitely want to read a bit more soon.

    Katty Smith
    las vegas couples escorts

  3. Usman says:

    How to protect ?

Leave a Comment Here's Your Chance to Be Heard!