Website Hacking Attack
Hacking Attempt from IP 126.96.36.199/8
An unsuccessful attempt to hack my website graphicline.co.za was made Friday 21 October 2011 shortly before 15h00 SAST (13h00 GMT).
The attempt was first identified by repeated 404 ‘page not found’ and 403 ‘access forbidden’ messages resulting from the hacker using URLS while trying to get access to the server and website setup files, and to log-in to unauthorised and prohibited areas of the website and server. The server is set to send notifications to me of 404, 403 and similar errors.
The attack originated from a business on the corner of Jumeirah Road and Sheikh Rashid Road, Juneirah, Dubai, United Arab Emirates. The business is located in a warehouse or freight depot. Identified from the IP addresses used during the attack – IP 188.8.131.52 and 184.108.40.206. It appears two hackers were working simultaneously.
I should thank these ill intended persons for testing the security of the website and server. Each incident is an opportunity to examine security, to improve the strength of the server environment.
IP 220.127.116.11 & 18.104.22.168 Blacklisted
Project Honeypot (a distributed system for identifying spammers and spambots) has listed these and other IP’s in the range as a Spam Harvester, Comment Spammer, and Rule Breaker. The IP range can now also be considered in use for Malicious purposes.
Latest in series of attacks
This attack follows on from previous attempts to disrupt this website (Graphicline.co.za Web Site Malware Attack), and confirms the earlier incident, as well as another possible unconfirmed attempt, was likely the work of cyber criminals employed by a local business person with ties to the Middle East and Asian Sub-Continent. These criminals are possibly connected to a black-hat SEO operation.
IP 22.214.171.124 & 126.96.36.199 Used by Hackers and Spammers
188.8.131.52 & 184.108.40.206 and the following list of related IP addresses is in active use by hackers and spammers
BLock access to your websites and blogs from al these IPs – the people using this IP range have nothing but ill intentions. It surprises me they have the temerity to search the net (resulting in a visit ot this blog) to find out why their IP is blocked.
If you are an innocent person using this IP for internet connectivity – get a new service provider. The people using these IP addresses are cyber criminals of the worse type.
Updated: February 17, 2012 16h23 GMT
- DDoS and SQL injection are hot topics on hacking forums (infoworld.com)
- DDoS and SQL Injection Are Main Topics on Hacking Forums (pcworld.com)
Posted on October 21, 2011, in Internet, Internet Security, Malware, Virus, Trojans, Security Threats, Websites and tagged Black Hat SEO, Company News, Crime, Cyber Crime, Dubai, Hacking, Internet Security, IP Address, malware, Security Risks, United Arab Emirates, Website. Bookmark the permalink. 2 Comments.