Кто нибудь сталкивался? Приходят жалобы на мои сайты хостеру, хостер банит аккаунты.
Зараженные файлы удаляю, появляются новые. Думаю имеет место какая то уязвимость, так как через фтп к сайту вообще не конектился.
Логи жалоб:
Dear Sirs:
RSA, an anti-fraud and security company, is under contract to assist
Lloyds TSB Bank PLC and its related entities in preventing or
terminating online activity that targets Lloyds TSB Bank PLC's clients
as potential fraud victims. RSA has been made aware that you appear to
be providing Internet Services to a fraudulent website, which is part of
a "phishing scam"*. This activity violates Lloyds TSB Bank PLC's
copyright, trademark and other intellectual property rights and may
violate the criminal laws of the United States and other nations.
E-mail messages have been broadly distributed to individuals by a person
or entity pretending to be Lloyds TSB Bank PLC. These e-mails use Lloyds
TSB Bank PLC's name and identity (including trademarks) without
authorization. The e-mails request recipients to verify and submit
sensitive details related to their Lloyds TSB Bank PLC accounts. Within
the fraudulent e-mail message, there is a link that leads the recipients
to a fraudulent website displaying Lloyds TSB Bank PLC's copyrighted
materials and trademarks. The fraudulent website is located at the
following URL address
hxxp://podarochek.kiev.ua/includes/Archive/FAX/www.halifax-online.co.uk/
index.html to which you provide services and which is under your
control.
The fraudulent website not only represents a misuse of Lloyds TSB Bank
PLC's intellectual property; its purpose is to improperly obtain
personal information of Lloyds TSB Bank PLC customers in order to
fraudulently access their bank accounts. The owners of those websites
typically perpetrate identity-theft related activities, such as using
customer's credit cards or bank accounts without authorization. In
addition, since the vast majority of all of the e-mails are not being
sent to actual Lloyds TSB Bank PLC customers, the actions may serve to
damage the reputation and image of Lloyds TSB Bank PLC.
------------------------------------------------------------------------
> Скорее всего Ваш сайт был сломан, после чего под Ваш аккаунт были залиты скрипты, при помощи которых производилась рассылка спама. Для исправления данной ситуации Вам нудно изменить все пароли доступа к Вашему аккаунту (ФТП, cpanel, админ панель Вашего сайта и т.д.) и проверить Ваш сайт на уязвимости.
22.08.2020, 08:44:29