Hello All,

I got an email like this:

Details: Your site is hacked lock hear (mafiaradio.is-a-chef.net) Resolved:
(213.175.205.68)and lock hear http://mafiaradio.is-a-chef.net:8000/ u will
see your site is hacked ! clean your root and change your users password !!

I checked the url and it was indeed our site - I made some changes to our copy and the changes applied to the "hack site".

Is it possible he just used Curl to create this clone homepage? What is the most likely option?

Hello All,

I got an email like this:

I checked the url and it was indeed our site - I made some changes to our copy and the changes applied to the "hack site".

Is it possible he just used Curl to create this clone homepage? What is the most likely option?

The funny thing is that the page is a loop. It looks like your page, but its not. It pulls information from your server inside of another page, using an include call. Your page is fine. Just report the email to your ISP and block the address.

Thanks Zinnqu, I have got in touch with our hosts and asked them to ban said people.

I will leave this thread open for a little longer to see if anyone else has a different idea.