My webby has recently been used to do a bit of ebay Phishing. Thanks to Google I found you guys.

/eBay_phish499455.html

I'd just like some idea as to how this might have happened. I didn't put it there myself so I guess the webby was hacked, but if folders and files where added I'm guessing this is a bit more then a simple PHP-Nuke hack.

I had PhP-Nuke with latest patches for webby and forum.

I'm posting here as the website providers are being very slow to respond to me, I get the impression they think it’s down to me, I didn't even get a response stating what had happened until I contacted them.

No response ... cool.

Luckly you CC'd a friend the original e-mail that you sent. It ended up in my junk folder.

Anyway. I've responded to the original e-mail now and I'm still talking to the providers about getting the log files for you to look at.

I'll let you know if it ever happens.

You'll want to be sure everything is up-to-date, not just PHP-Nuke. For instance your server responded:

HTTP/1.1 200 OK
Date: Sat, 21 Jul 2007 17:23:50 GMT
Server: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a-p1 PHP-CGI/0.1b
X-Powered-By: PHP/4.4.4
Content-Type: text/html
Transfer-Encoding: chunked

You'll want to be sure all of those are updated.

I just rent the webspace not the server, that's managed by a company.

I have my website back now but not without a lot of frustration.