Results 1 to 12 of 12
  1. #1
    webber286 is offline Private Member
    Join Date
    April 2006
    Posts
    107
    Thanks
    22
    Thanked 12 Times in 10 Posts

    Default Website database hacked (possibly by BetExpress affiliate)

    Went to check our stats tonight and found that we had the same amount of traffic as usual, but far fewer click-thrus than usual. This prompted me to check out the front-end of our website to see why. What I found was that our home page and two of our sub-pages were now forwarding to BetExpress via a bit.ly address. A hacker apparently got into our SQL database and added some Javascript to a few of our website listings. We have corrected the situation and our website is coming up properly now.

    Not sure what I can do about it at this point, but thought it should be brought to everyone's attention that BetExpress should clearly be avoided.

  2. #2
    Players Luck - Jamie's Avatar
    Players Luck - Jamie is offline Public Member
    Join Date
    July 2009
    Location
    New Zealand
    Posts
    644
    Blog Entries
    2
    Thanks
    119
    Thanked 56 Times in 47 Posts

    Default

    Quote Originally Posted by webber286 View Post
    Went to check our stats tonight and found that we had the same amount of traffic as usual, but far fewer click-thrus than usual. This prompted me to check out the front-end of our website to see why. What I found was that our home page and two of our sub-pages were now forwarding to BetExpress via a bit.ly address. A hacker apparently got into our SQL database and added some Javascript to a few of our website listings. We have corrected the situation and our website is coming up properly now.

    Not sure what I can do about it at this point, but thought it should be brought to everyone's attention that BetExpress should clearly be avoided.
    First how do you know they done it? Before throwing around accusations it would be best to investigate that it wasn't another affiliate first.
    Jamie Blake
    Skype: wga-jamie


    Best online casinos - Division of Players Luck Gaming

  3. #3
    pokerbanter is offline Private Member
    Join Date
    January 2011
    Location
    Scotland
    Posts
    61
    Thanks
    10
    Thanked 19 Times in 14 Posts

    Default

    I would be very surprised if it was the poker program doing it. Why would they ? If they wanted to cheat you they could easily just adjust your stats. Looks like you have been had by a hacker outside the program. Does anyone else have access to your ftp or cpanel ? First port of call would be to contact the affiliate and let them know all tyhe details. They can then use the tracking to see who the affiliate is and boot them off the program. Definitely should chanhge the title of this thread !!!!

  4. The Following User Says Thank You to pokerbanter For This Useful Post:


  5. #4
    Players Luck - Jamie's Avatar
    Players Luck - Jamie is offline Public Member
    Join Date
    July 2009
    Location
    New Zealand
    Posts
    644
    Blog Entries
    2
    Thanks
    119
    Thanked 56 Times in 47 Posts

    Default

    Quote Originally Posted by pokerbanter View Post
    Definitely should chanhge the title of this thread
    Totally agreed. No Program would do this, it is obvious it was a hacker not the program.
    Jamie Blake
    Skype: wga-jamie


    Best online casinos - Division of Players Luck Gaming

  6. #5
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    28,340
    Thanks
    2,301
    Thanked 7,989 Times in 5,045 Posts

    Default

    I agree, I changed the thread title for now, if this needs adjusted again, just get in touch with Anthony or Paolino.

    Rick
    Universal4
    Gambling World Online Roulette Online Blackjack Live Online Games Sports Betting Horse Racing
    Casino Affiliate Programs
    Hosting and Domain Names
    Gambling Industry Association
    GPWA Moderation by Me and My Big Bad Security Self
    If an affiliate program is not small affiliate friendly (especially small US Affiliate), then they are NOT Affiliate Friendly!

  7. #6
    webber286 is offline Private Member
    Join Date
    April 2006
    Posts
    107
    Thanks
    22
    Thanked 12 Times in 10 Posts

    Default

    Fair enough guys, I saved the bit.ly code that was inserted, so they should be able to track the perpetrator. As a side note, this was discovered at about 2am on a Saturday night, so we quickly did some work to fix the problem and then take some additional security measures. I wanted to post here right away to let the community know and was a little frazzled by the situation. Also, we are not affiliates with BetExpress ourselves, had actually never heard of them before this, will report back with any response from them.

  8. The Following User Says Thank You to webber286 For This Useful Post:

    AK (8 April 2011)

  9. #7
    Players Luck - Jamie's Avatar
    Players Luck - Jamie is offline Public Member
    Join Date
    July 2009
    Location
    New Zealand
    Posts
    644
    Blog Entries
    2
    Thanks
    119
    Thanked 56 Times in 47 Posts

    Default

    Quote Originally Posted by webber286 View Post
    Fair enough guys, I saved the bit.ly code that was inserted, so they should be able to track the perpetrator. As a side note, this was discovered at about 2am on a Saturday night, so we quickly did some work to fix the problem and then take some additional security measures. I wanted to post here right away to let the community know and was a little frazzled by the situation. Also, we are not affiliates with BetExpress ourselves, had actually never heard of them before this, will report back with any response from them.
    Please keep us posted. I understand how you might have been feeling. I probably would have posted similar too.
    Jamie Blake
    Skype: wga-jamie


    Best online casinos - Division of Players Luck Gaming

  10. #8
    webber286 is offline Private Member
    Join Date
    April 2006
    Posts
    107
    Thanks
    22
    Thanked 12 Times in 10 Posts

    Default

    They hacked our database a second time yesterday and we have taken additional security measures to keep them out. So far, so good today.

    James at BetExpress responded to my inquiry right away and did some investigation. He found that the offending affiliate account had been setup as a dummy registration in their system. He has sent an email to the affiliate and locked their account, so I have to give them some props for being very responsive to this situation.

  11. #9
    universal4's Avatar
    universal4 is offline Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    28,340
    Thanks
    2,301
    Thanked 7,989 Times in 5,045 Posts

    Default

    They should be named and shamed.

    I for one would not want to do business with whoever is behind this.

    Rick
    Universal4
    Gambling World Online Roulette Online Blackjack Live Online Games Sports Betting Horse Racing
    Casino Affiliate Programs
    Hosting and Domain Names
    Gambling Industry Association
    GPWA Moderation by Me and My Big Bad Security Self
    If an affiliate program is not small affiliate friendly (especially small US Affiliate), then they are NOT Affiliate Friendly!

  12. #10
    Simmo! is offline Public Member
    Join Date
    July 2004
    Posts
    893
    Thanks
    239
    Thanked 406 Times in 226 Posts

    Default

    Just an aside: if you are trying to track rogue affilite links be it from hacking, spam, cloaked links etc, the easist way is to use Firefox, click the link, then in FF go to Tools / Options / Privacy anc click "Show Cookies". It should show you the affiliate's ID or Tracking Code which you can pass to the program to investigate.

  13. The Following User Says Thank You to Simmo! For This Useful Post:


  14. #11
    Webzcas's Avatar
    Webzcas is offline Private Member
    Join Date
    March 2005
    Posts
    1,394
    Thanks
    582
    Thanked 1,015 Times in 408 Posts

    Default

    I signed up to and utilise Sucuri.net to monitor my sites. These guys are very good and will also do an indepth scan of your entire site for backdoors etc. Well worth $60 a month.
    Exit stage left

  15. #12
    allfreechips's Avatar
    allfreechips is offline Private Member
    Join Date
    August 2010
    Location
    Ohio - The taxing state
    Posts
    1,081
    Thanks
    136
    Thanked 631 Times in 371 Posts

    Default

    most common issue is SQL injection or allowing fopen in PHP
    Allfreechips online casino guide offers online casino reviews from our members. Also our exclusive No Deposit casino bonuses are always up to date. See the latest slot machine reviews at Hotslot and exclusive no deposit casino bonuses as well with a good dose of daily online gambling news to learn about pokies

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •