Website database hacked (possibly by BetExpress affiliate)

**webber286** · 3 April 2011, 4:12 am

Went to check our stats tonight and found that we had the same amount of traffic as usual, but far fewer click-thrus than usual. This prompted me to check out the front-end of our website to see why. What I found was that our home page and two of our sub-pages were now forwarding to BetExpress via a bit.ly address. A hacker apparently got into our SQL database and added some Javascript to a few of our website listings. We have corrected the situation and our website is coming up properly now.

Not sure what I can do about it at this point, but thought it should be brought to everyone's attention that BetExpress should clearly be avoided.

**LuckyBettors - Jamie** · 3 April 2011, 5:35 am

Originally Posted by webber286

Went to check our stats tonight and found that we had the same amount of traffic as usual, but far fewer click-thrus than usual. This prompted me to check out the front-end of our website to see why. What I found was that our home page and two of our sub-pages were now forwarding to BetExpress via a bit.ly address. A hacker apparently got into our SQL database and added some Javascript to a few of our website listings. We have corrected the situation and our website is coming up properly now.

Not sure what I can do about it at this point, but thought it should be brought to everyone's attention that BetExpress should clearly be avoided.

First how do you know they done it? Before throwing around accusations it would be best to investigate that it wasn't another affiliate first.

**pokerbanter** · 3 April 2011, 5:54 am

I would be very surprised if it was the poker program doing it. Why would they ? If they wanted to cheat you they could easily just adjust your stats. Looks like you have been had by a hacker outside the program. Does anyone else have access to your ftp or cpanel ? First port of call would be to contact the affiliate and let them know all tyhe details. They can then use the tracking to see who the affiliate is and boot them off the program. Definitely should chanhge the title of this thread !!!!

**LuckyBettors - Jamie** · 3 April 2011, 5:58 am

Originally Posted by pokerbanter

Definitely should chanhge the title of this thread

Totally agreed. No Program would do this, it is obvious it was a hacker not the program.

**universal4** · 3 April 2011, 9:17 am

I agree, I changed the thread title for now, if this needs adjusted again, just get in touch with Anthony or Paolino.

Rick
Universal4

**webber286** · 4 April 2011, 1:47 am

Fair enough guys, I saved the bit.ly code that was inserted, so they should be able to track the perpetrator. As a side note, this was discovered at about 2am on a Saturday night, so we quickly did some work to fix the problem and then take some additional security measures. I wanted to post here right away to let the community know and was a little frazzled by the situation. Also, we are not affiliates with BetExpress ourselves, had actually never heard of them before this, will report back with any response from them.

**LuckyBettors - Jamie** · 4 April 2011, 5:21 am

Originally Posted by webber286

Fair enough guys, I saved the bit.ly code that was inserted, so they should be able to track the perpetrator. As a side note, this was discovered at about 2am on a Saturday night, so we quickly did some work to fix the problem and then take some additional security measures. I wanted to post here right away to let the community know and was a little frazzled by the situation. Also, we are not affiliates with BetExpress ourselves, had actually never heard of them before this, will report back with any response from them.

Please keep us posted. I understand how you might have been feeling. I probably would have posted similar too.

**webber286** · 5 April 2011, 1:07 pm

They hacked our database a second time yesterday and we have taken additional security measures to keep them out. So far, so good today.

James at BetExpress responded to my inquiry right away and did some investigation. He found that the offending affiliate account had been setup as a dummy registration in their system. He has sent an email to the affiliate and locked their account, so I have to give them some props for being very responsive to this situation.

**universal4** · 5 April 2011, 1:31 pm

They should be named and shamed.

I for one would not want to do business with whoever is behind this.

Rick
Universal4

**Simmo!** · 5 April 2011, 2:41 pm

Just an aside: if you are trying to track rogue affilite links be it from hacking, spam, cloaked links etc, the easist way is to use Firefox, click the link, then in FF go to Tools / Options / Privacy anc click "Show Cookies". It should show you the affiliate's ID or Tracking Code which you can pass to the program to investigate.

**Webzcas** · 6 April 2011, 11:10 am

I signed up to and utilise Sucuri.net to monitor my sites. These guys are very good and will also do an indepth scan of your entire site for backdoors etc. Well worth $60 a month.

**allfreechips** · 11 April 2011, 6:27 pm

most common issue is SQL injection or allowing fopen in PHP

Thread: Website database hacked (possibly by BetExpress affiliate)

LinkBack

Thread Tools

Search Thread

Display

Website database hacked (possibly by BetExpress affiliate)

The Following User Says Thank You to pokerbanter For This Useful Post:

The Following User Says Thank You to webber286 For This Useful Post:

The Following User Says Thank You to Simmo! For This Useful Post:

Posting Permissions