SOLVED: What to Do if your website got Hacked by Aslan Neferler Tim

SOLVED: What to Do if your website got Hacked by Aslan Neferler Tim

Fixes & How a Turkish hacker group, (Aslan Neferler Tim) took over over 50,000 websites, including 4 belonging to me and over 50,000 others.

Last updated on February 3rd, 2018 at 12:10 am

I have over 30 website but I host 6 over at SmarterASP. This morning I woke up and saw 4 of my website’s content and files replaced with some static HTML with a message and YouTube Video broadcasting a Turkish message. I ran a search on google and found thousands of websites with the same issue so I created this tutorial to help those that were hacked to recover their websites.


ASLAN NEFERLER TİM NATİONAL FORCE HACKED!.

MEVZU BAHİS VATANSA; GERİSİ TEFERRUATTIR!

BİZLER VAR OLDUKÇA, SİZLERE RAHAT UYKU YOK!

 




5 hours later and the group is on Facebook boasting about hacking my websites. 🙁

Symptoms

  • It turns out that somehow they got a hold of my FTP password (strange as i only use Filezilla)
  • All files under each website was deleted
  • Attack was done by Turkish hacker group Aslan Neferler Tim @aslanneferler. The attacks by the hacker team named “Aslan Neferler Tim” (which can roughly be translated as Lion Privates Team)

Immediately I started a chat with my hosting provider, they didn’t offer me much advice only to boast of their strong Data Centre Firewall. Being a white hack hacker, I started asking myself a few question: Was it DNS hijacking? Was it a FTP hack? How did they get my super strong FTP and Control Panel password? Why me? But My code was checked by 2 vulnerabilities geniuses from Fiverr, Why Why Why?



The group had earlier claimed responsibility for the attacks on the websites of Belgian government agencies, Dutch right-wing politician Geert Wilders, the Armenian Central Bank, and the main webpage of renowned hacker movement Anonymous.

After some extensive research, I managed to get a hold of the situation, changed my password, uninstalled FileZilla, sent out some apologies to my subscribers and re-upload my files. Here are the steps I took to resolve the issue:

What to To if your website was hacked

  • Because this type of hack is not DNS hijacking, you may not need to adjust anything at the DNS records level
  • Change all your hosting control panel passwords
  • change all your website’s FTP password

COMMENTS

DISQUS: 0