Today we were informed that several programs that use our script were hacked.
Someone had access to files and database on the server.
All those programs were located at one server (one hosting provider) - they used virtual hosting plan.
We repeat again and again - do not use virtual servers for any finance programs, they has less (almost no) security than dedicated servers.
But if you use virtual hosting still we recommend:
1. make backup as often as you could (files and database)
2. do not use auto withdraw (all users that were hacked ignore this tip)
3. check your ftp for new/changed files. Do not ignore any changes - investigate it
Posted by Goldcoders 2010-08-17 00:00:00