21 May
2013
21 May
'13
2:05 p.m.
From: Philipp Duffner philipp@phphaus.com
...so I thought! Today the website got hacked again - the same exploit on the pages, meaning same attacker. And again I can see nothing suspicious except for the successful FTP logon just before the modification time of the infected html/php: ... I know for a fact it couldn't have been the website owner because I didn't give him the new FTP password yet.
How did you change the password? Remotely? Did you check your own PC?
JD