Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Found possible hacker's unsecured server or computer

  • Please log in to reply
2 replies to this topic

#1 BugZapper


  • Members
  • 2 posts
  • Local time:01:32 PM

Posted 03 March 2018 - 10:00 PM

Hello, it's my first time posting here, but I have been using BC for many years.


While attempting to backtrace a bank phishing email that a client received, I found that the phishing webpage was on an unsecured host.

Hundreds of files including many .html pages that would be posted on a hacked website that state something like "Your site was hacked by Anonymous", and other foreign groups, particularly Turkish groups (based on the text). There are several text files with code scripts as well.


I'm not sure if any law enforcement would be interested in this, or who to contact.

Perhaps the Bleeping Computer community could use this info?


The url's landing page is for some asian medical services (likely bogus), but one of the sub-folders shows the hacker's pages.

I won't post the site url here, but any guidance would be appreciated. I would hate to simply forget about this possible resource.



BC AdBot (Login to Remove)


#2 Platypus


  • Global Moderator
  • 15,232 posts
  • Gender:Male
  • Location:Australia
  • Local time:06:32 AM

Posted 04 March 2018 - 09:07 PM

I suppose it's possible you may have stumbled upon a honeypot (an easily accessible website deliberately designed by, say an intelligence service, to attract people interested in the content), but if it's actually an accidentally unsecured malicious site, what to do would depend on what legal jurisdiction both you and the site are under. The police service in your area should have a cybercrime division you could at least talk to. However where the site is hosted will probably govern what can or should be done.

Edited by Platypus, 04 March 2018 - 09:08 PM.

Top 5 things that never get done:


#3 BugZapper

  • Topic Starter

  • Members
  • 2 posts
  • Local time:01:32 PM

Posted 05 March 2018 - 12:00 AM

Thanks, Platypus.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users