Ouch! I Was Hacked!
I got into work today and opened IE, only to find that my site was hacked. Basically, whoever/whatever got in put a bunch of files in my root directory (default.asp, default.aspx, welcome.html, index.html, etc.) along with a pw.asp file. So when I requested the main site, I got a weird red screen that said I was hacked. My web applications were not hacked, though, so it was an easy fix: I deleted those files. I'm concerned, though, because I thought it was my FTP account that was compromised so I had my hosting company change it to something stronger, but they did not notice any malicious FTP activity last night, which is when I believed it happened.
So I still don't know how they did it, and that's not good. Believe me, I'll be monitoring this closely.
* Posted at 08.25.2005 10:24:34 AM CST | Link *