It appears that somebody installed a phishing page content on one of my domains

it only had a single html page so there was no cms-based attack vector.

Hacked ftp account or is this bleed-over from another shared hosting account?

Google+: View post on Google+

.

One Reply to “It appears that somebody installed a phishing page content on one of my domains”

  1. An site that had it's own FTP login appears to be 'protected'. So maybe something got installed on one of the domains with a shared FTP and it was able to spread sideways to other accounts with the shared ftp login?

Leave a Reply