View Poll Results: What percentage of your affiliate websites have been hacked?

Voters
30. You may not vote on this poll
  • 0% - My sites have never been hacked (as far as I kknow).

    18 60.00%
  • 10% (at most) of my sites have been hacked.

    3 10.00%
  • 25% (at most) of my sites have been hacked.

    4 13.33%
  • 50% (at most) of my sites have been hacked.

    3 10.00%
  • 75% (at most) of my sites have been hacked.

    2 6.67%
  • 99.999% (at most) of my sites have been hacked.

    0 0%
  • 100% of my sites have been hacked.

    0 0%
Page 1 of 2 12 LastLast
Results 1 to 20 of 21
  1. #1
    MichaelCorfman's Avatar
    MichaelCorfman is offline GPWA Executive Director
    Join Date
    June 2004
    Location
    Newton, MA
    Posts
    4,277
    Thanks
    915
    Thanked 5,540 Times in 1,785 Posts

    Question What percentage of your affiliate websites have been hacked?

    As a community of affiliates many of us have had website hacking on our mind since antihacker exposed the criminal activity of the owner of the website verifiedcasinos.com in the thread URGENT: ALL Affiliate programs: BAN VERIFIEDCASINOS.COM For Serious Hacking! (proof).

    One question I have wondered about is the extent of hacking activity gaming affiliates experience. So, for this week's poll I'd like to ask webmasters about the degree of hacking activity they have personally observed on their own websites. Besides answering the poll, please share details of your own experiences.

    Michael
    GPWA Executive Director, Casino City CEO, Friend to the Village Idiot

    Resources for Affiliates: iGamingDirectory.com, iGamingAffiliatePrograms.com, GamingMeets.com

  2. #2
    edgarf76's Avatar
    edgarf76 is offline Private Member
    Join Date
    March 2013
    Location
    Montreal
    Posts
    1,856
    Thanks
    647
    Thanked 506 Times in 359 Posts

    Default

    I would say overall 20 percent before I hired sucuri. I get them scanned for malware every day now.

  3. #3
    sweetbet's Avatar
    sweetbet is offline Public Member
    Join Date
    November 2012
    Posts
    2,819
    Blog Entries
    5
    Thanks
    898
    Thanked 1,574 Times in 1,087 Posts

    Default

    None of my sites have been hacked so far. I've installed multiple WP security plugins on every blog.

  4. #4
    casinovegas is offline Public Member
    Join Date
    February 2013
    Posts
    467
    Thanks
    0
    Thanked 6 Times in 3 Posts

    Default

    Quote Originally Posted by sweetbet View Post
    None of my sites have been hacked so far. I've installed multiple WP security plugins on every blog.
    None so far luckily. Sweetbet, what plugins do you use/recommend?

  5. #5
    Gamer's Avatar
    Gamer is offline Public Member
    Join Date
    August 2014
    Posts
    438
    Thanks
    78
    Thanked 198 Times in 132 Posts

    Default

    I do not use WordPress platform for my sites. I was not aware that it is so easy to hack someone else site, just by manipulating plugins code.
    Anyway, none of my sites was hacked, up to now.
    Thanks to Great Creator.

  6. #6
    DaftDog's Avatar
    DaftDog is offline Private Member
    Join Date
    October 2008
    Posts
    1,933
    Thanks
    570
    Thanked 674 Times in 393 Posts

    Default

    Quote Originally Posted by Gamer View Post
    I was not aware that it is so easy to hack someone else site, just by manipulating plugins code.
    It is not normally that easy for a hacker to manipulate any plug-in code. Most well written plug-ins will be updated as soon as a vulnerability in their code is exposed. The problem with mass hacking comes when users of those vulnerable plug-ins don't do the required security upgrades.

  7. #7
    muffincrumbs's Avatar
    muffincrumbs is offline Public Member
    Join Date
    March 2013
    Location
    Neither here nor there
    Posts
    302
    Blog Entries
    5
    Thanks
    261
    Thanked 116 Times in 87 Posts

    Default

    Cloudflare helps too. It is a CDN of sorts, not really the fastest or best, but I use it and I keep paying them monthly lol so it's not too bad. Just do not let them use the lazy image loader. That will wreck your site for mobile phones even though that what it was made for.

    I used suecurity plugins and I saw my site dip in SERP. I think because they are huge resource hogs. Now I think I should try one again.

    How can you tell if you are hacked? What do they do? Replace aff links or something?

  8. The Following User Says Thank You to muffincrumbs For This Useful Post:

    DanHorvat (25 November 2014)

  9. #8
    Christiaan's Avatar
    Christiaan is offline Private Member
    Join Date
    February 2013
    Location
    Barcelona
    Posts
    1,232
    Thanks
    176
    Thanked 470 Times in 326 Posts

    Default

    So far I haven't been hacked (as far as I know).

    I try to use not to many plugins. And if I use them, mostly I use big well known plugins that are updated regularly. On my servers I have additional security installed and I try to keep them up to date. The CMS websites get updated automatically when new updates are released.
    But of course you can never be totally safe. I just try to keep it as safe as possible.

  10. #9
    TheGooner's Avatar
    TheGooner is offline Private Member
    Join Date
    March 2007
    Location
    New Zealand
    Posts
    4,298
    Thanks
    1,968
    Thanked 4,255 Times in 2,024 Posts

    Default

    The poll sort of misses the point of the latest scam.

    In the current scenario website owners do not know that they've been hacked. The usual targets are unsavvy webmasters who have chosen wordpress as a "simple" way of getting online. They've been chosen for their clean profile - and also because they are using old versions of plug-ins that are vulnerable to hacking - and so are not likely to be technical.

    The hack injects pages into the website using holes in popular plug-ins - but these pages are not linked to the normal website content and so the host webmaster and their users are unlikely to notice them or ever browse them.

    However these new webpages are then "spam-liked" through social media and with other linking techniques are artificially inflated in importance for gambling keywords so that google will place them high in the serps.

    Unless you are actually looking in the search results, you will probably never notice that your site is ranked for them. And a site owner about girl guides is unlikely to be searching for gambling or casino terms

  11. The Following 4 Users Say Thank You to TheGooner For This Useful Post:

    -Shay- (23 October 2014), antihacker (2 November 2014), muffincrumbs (1 November 2014), universal4 (23 October 2014)

  12. #10
    sweetbet's Avatar
    sweetbet is offline Public Member
    Join Date
    November 2012
    Posts
    2,819
    Blog Entries
    5
    Thanks
    898
    Thanked 1,574 Times in 1,087 Posts

    Default

    SportsBets4Free I'll PM you the plugin names.

  13. #11
    Azureus's Avatar
    Azureus is offline Public Member
    Join Date
    May 2012
    Posts
    97
    Thanks
    6
    Thanked 75 Times in 44 Posts

    Default

    None yet. I use Wordpress for one of them but I have it always updated and with only two verified plugins.

  14. #12
    Ares's Avatar
    Ares is offline Public Member
    Join Date
    September 2014
    Posts
    177
    Blog Entries
    6
    Thanks
    31
    Thanked 27 Times in 23 Posts

    Default

    Extremely interesting poll. Maybe we can collect some statistical data this way too.

  15. #13
    sweetbet's Avatar
    sweetbet is offline Public Member
    Join Date
    November 2012
    Posts
    2,819
    Blog Entries
    5
    Thanks
    898
    Thanked 1,574 Times in 1,087 Posts

    Default

    I'm getting regular and multiple hack attempts every single day, and it is just annoying to say the least. I've added a second password field to the login page, and a captcha code field, and they still keep on trying. The program automatically bans the ip address for over a year if the hacker can't login, and they keep changing ip addresses and trying again. I also have multiple firewalls that Block Directory Traversals, SQL Queries, WordPress Specific Terms. Field Truncation Attacks, PHP Code Includes, Executable File Uploads and other things, and they still keep on trying. I've also hidden the wp login page, and they keep trying to find a way in. I've also permanently banned some hacker ip addresses that keep showing up in the log files. It's never ending really.

  16. The Following 3 Users Say Thank You to sweetbet For This Useful Post:

    -Shay- (2 November 2014), antihacker (2 November 2014), DanHorvat (25 November 2014)

  17. #14
    casinoplanet's Avatar
    casinoplanet is offline Private Member
    Join Date
    August 2009
    Location
    LowLands
    Posts
    369
    Thanks
    102
    Thanked 120 Times in 80 Posts

    Default

    I've never been hacked afaik and that's the main reason why I don't want to use WP, despite of its advantages.
    "Depend on the rabbit's foot if you like, but remember it didn't work for the rabbit." R.E. Shay

  18. #15
    antihacker's Avatar
    antihacker is offline Public Member
    Join Date
    August 2014
    Posts
    300
    Thanks
    154
    Thanked 184 Times in 107 Posts

    Default

    Although an interesting poll, I believe the hackers (NOT Just the owner of Verifiedcasinos, but quite a few others too, of which some very 'heavy' cyber criminals) do not in general target other gambling affiliate's sites. They seem to go for non gambling sites in general. (Or perhaps we gambling affiliates are a bit more 'web savvy ' and know how to protect our sites better than the average website out there)

    (Verifiedcasino's owner even hacked a Government site) However, my point being: I think, the question of this poll should be:

    Who would like to see all of this hacking wiped out from our industry forever?
    (As it CAN be done!)

    (Although not without risk) I have already volunteered to devote my time full time on this, and have a 'plan du attack' ready as we speak. A plan that will take care of this very serious problem thoroughly. IF we don't take care of it, the damages will not to be overseen.

    It is a FACT that already many affiliates are in fact suffering over this, because hackers ARE taking over the internet in our niche. Slowly but surely pushing out the ethical affiliates. Horrible to see, but it's happening.

    In order to set up my 'antihacker bureau' I just need funds. Something that you can't expect me to come up with on my own. In order to do this the best and safest way for those working in it, it will cost. Security, Hardware, Software, Lawyers, Programmers, Team of professionals etc.

    This is not cheap. I for one realize this all to well. But, the cost of this all even spreading further as it already has, will be far worse I guarantee anyone.

    Solution to this: I suggest all affiliate programs to chip in with a small monthly fee.

    This will ultimately buy them a hacker free industry for their affiliates and perhaps more important to them: a hacker free industry for their casinos (When players know casinos are working with criminals, just how many will gamble their money there?), they will get access to a legal team (international team of lawyers) through my office, to take proper actions against hackers, (A LOT cheaper for them if they were to hire a lawyer one by one per hacker they find), they will get a professional team working on this 24/7 which will proactively hunt hackers down, and proactively will notify hacked sites of them being hacked (In essence taking away the hacked sites, one by one in case law enforcement can't 'touch them'), plus it can also function as central reporting point for affiliates who notice something that my team (which obviously still needs to be set up) have not yet found.

    Rooting out the evil from all possible angles.

    This is the way. Tackle them at ANY possible angle. Not something that will happen just from this forum. We've reported verifiedcasinos, but with what result? He is STILL at it. He is still laughing all the way to the bank. But, as said, Verifiedcasinos is child's splay compared to the latest discoveries:

    Please take note of this: The fact of the matter is, this is not just the owner of Verifiedcasinos folks.

    There are many more people who are doing the same. There are some 'pretty heavy' people involved in this hacking business. The latest case I uncovered shows that the perpetrators who are besides hacking and promoting casinos, also are heavily into 'online extortion', 'credit card (hacking) and fraud', 'phishing' and so on.

    This is in reality organized crime. And, they have found a nice piggy bank in our industry.

    We must conclude that in order to get rid of hackers in our industry one does not need to ask affiliate programs to 'ban the affiliate' because, the affiliate will simply open up another account under a different name, and the hacking can start all over again.

    It just doesn't work. In the end, the affiliate programs are also 'victim' and more than ever, we must stick together to destroy it, making sure it will never return. (Those affiliate programs who DO condone it will be met with the same legal team I plan to set up)

    We MUST tackle them from all possible angles. The proper way. With a central point / office with as core business to do so. 24/7! It's a HELL of a job, but somebody has to do it. And, this is not without risk either. But, it has got to be done, or our industry is doomed.

    Anyone who would like to have a hacker free gambling industry, please do let me know your support on this. It's a good way of telling the affiliate programs that you want this. (And, who in his right mind would NOT want this??) They need to know this from as many people (read serious affiliates) as possible. ASAP. So that we can start dealing with the problem on a proper way. With as result: Getting rid of it for once and for all.

    For those not realizing it: We have indeed serious troubles. There are several hackers active. And, some of them are downright criminals. They must be brought down, and the only language they will speak is a serious one. The office I plan can speak such language, especially with the help of a team of international lawyers. A language law enforcement worldwide will listen to as well.

    Otherwise, it will be a lot war. A war we so far have been 'fighting' with sticks and stones, where our 'enemies' have nukes at their disposal..

    Thank you.
    Last edited by antihacker; 2 November 2014 at 9:44 pm.

  19. The Following User Says Thank You to antihacker For This Useful Post:

    Korto Maltese (3 November 2014)

  20. #16
    Korto Maltese's Avatar
    Korto Maltese is offline New Member
    Join Date
    January 2014
    Location
    Tallinn
    Posts
    25
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Default

    BTW, any idea of the security breach used to hack the sites?
    The idea would be to identify where the breach is and communicate it to the major tech sites to spread the word.

  21. #17
    Cus81 is offline Public Member
    Join Date
    October 2014
    Posts
    21
    Thanks
    1
    Thanked 2 Times in 2 Posts

    Default

    I'm lucky enough to have never had a hacked (money) site.

  22. #18
    jeffery123's Avatar
    jeffery123 is offline New Member
    Join Date
    November 2014
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    None of my website has been hacked, that is because the WP security has been installed

  23. #19
    DanHorvat's Avatar
    DanHorvat is offline Private Member
    Join Date
    November 2008
    Location
    Actual location may vary.
    Posts
    1,899
    Blog Entries
    3
    Thanks
    1,302
    Thanked 1,290 Times in 760 Posts

    Default

    sweetbet, try using a CDN such as CloudFlare, it acts as the first line of defence and prevents a certain % of bad traffic from reaching your site in the first place. It helps.

  24. #20
    grem's Avatar
    grem is offline Public Member
    Join Date
    July 2010
    Location
    CBN
    Posts
    1,451
    Blog Entries
    19
    Thanks
    254
    Thanked 418 Times in 205 Posts

    Default

    Many webmasters probably don't know their sites were hacked.

  25. The Following User Says Thank You to grem For This Useful Post:

    DanHorvat (27 November 2014)

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •