Hacked (off) by www.batcave

[pete61uk]

On checking my site stats today I came across www.batcave in my user report. To say the least, I am miffed.

Whomever www.batcave is, he/she was in my stats yesterday as a failed user. Seems to be a persistant #####R.

Although nothing ‘appears’ to have changed, I’ve contacted my ISP to get a new user name and password generated – they have an algorithm, I don’t – and to see if they have the capability to trace them.

Has anyone else come across this individual?

[mikmik]

Hey, pete.
Do you mean this person was logged in to your stats page?
Or showed up in your logs?
Also, do you have an I.P. for them? Or is it www.batcave ".com" or something?

[pete61uk]

Hi mikmik,

www.batcave was the 'user ID' logged into my stats.

There are no other details, that's why I've requested if my ISP has the capability to trace the place of origin for www.batf#####.

I had a quick look for .com, .co.uk, etc. Some obviously legit, some, who knows?

Currently, I'm waiting to hear from my ISP. Problem is the ID and password hacked gives access to more than just stats?????

In the meantime, if anyone recieves e.mail from celna.co.uk, please ignore it, its not from me.

[mikmik]

pete61uk, you wrote:

Quote:

www.batcave was the 'user ID' logged into my stats.

YIKES!

I did a search on Google, just for the heck (I mean h***) of it. Some domains of note were .sk, and .rk, and the like. They were dark and goth-like, in a strange language, and creepy.

I am interested in any developments. This sort of thing is happening to others, but more with links to porn sites, which is not the same thing you are talking about here. This is serious break and enter stuff.

[trsiyengar]

pete61uk wrote:
Quote:
www.batcave was the 'user ID' logged into my stats.

Is it possible to log in without revealing one's IP or Host names? Whatsoever may the trick played by the hackers, there must be an IP address, though a masked or fradulantly changed one. This is what I am told by many Techies.

Even the web statistic counters provided for free reveals the IP and Hostnames of visitors. Howcome, pete, you could not trace this badcrime of this batcave?

Also, I am told that the hackers are mostly targeting members of many sites of many Forum. If this is true, God save everyone.

Namasthe Everyone,
trsiyengar
Coming from the East, where Sun rises fast!
www.trsiyengar.com

[pete61uk]

To reiterate/clarify:

www.batcave was listed in my stats as a user who has logged in.

The ISP techies, who don't seem to understand English, ignored that there was no accompanying "Failed User" referenced. Had there been, I would have known access wasn't granted.

One suggestion they came up with is that it was the browser error of someone viewing the site. That wouldn't explain the lack of a Failed User Report on the 9th?

Whoever it is they were on the site again yesterday, though this time there is a Failed User Report? I've sent my ISP copies of the last three days stats so they can see for themselves.

Iyengar wote:

Is it possible to log in without revealing one's IP or Host names? Whatsoever may the trick played by the hackers, there must be an IP address, though a masked or fradulantly changed one. This is what I am told by many Techies.

The stats program supplied by my host, though it lists Domain, Organisation and Host, they usually come up as "unresolved numerical addresses". Perhaps, it isn't sophisticated enough? That's why I've asked:

1) Do they maintain User Account Access Logs, and
2) Do they have the ability to backtrack users to their ISP/point of origin?

As far as I know, if you wanted to monitor users accessing your site you would require cookies. These would log their IP Address (no good if on an "as assigned" basis), ID info off their pc, and a list of pages/duration of visit to pages.

Frankly, until I can get a coherant and relevant explaination from my ISP I'm freaked-out (I would use an expletive, but I'm too exhausted). Its screwed me up every time I try to think about my assignments too!

As they are the only ones with access to change my password (I can only put on additional permissions) I'm at a loss.

mikmik, I looked as some like the ones you mention, 'dark' is a good description.

[trsiyengar]

Pete, it is really worrysome when someone steals the key of your vault. It is better described, with a saddistic pleasure, those hackers and jammers still around. Still it is possible to trace, if your Service provider keeps track of all visitors. One thing, it should be made mandatory to maintain the log details atleast till certain period, to track n trace these brainless batcaves.

Might be a challenging and security risk, if visits again, take care.

Best wishes,
trsiyengar
www.trsiyengar.com

[pete61uk]

After spending far too many hours checking every page, its text and source for changes, every internal link, and every email link, I’m still not a "Happy Bunny".

Whatever investigation my hosts held they maintain that the security of the site, stats, etc., has been maintained. The explanation for the anomaly (they say) continues to be a random browser fault?

Personally, without a detailed report of the investigative procedures followed, and their findings, I’m not as confident in them as I might otherwise be.

Finally, to you who have expressed an interest, my thanks.

Also, without their knowing my level of understanding of the technologies concerned, why should their techies assume that a simplistic answer to my query would do?

Frankly, after the initial feelings of shock and violation, even if unwarranted (?) I’m now left with a sense of having been ‘talked-down-to’. And it isn’t nice!