My WHM/cPanel was hacked

Avatar
  • Answered
I am being redirected to the hacker website when I login to cPanel using the x3 theme and with paper lantern the hack appears as cpanel notification which again redirects to hacker website when clicked. Even more over 50 cpanel .htaccess files were overwritten with a redirect directive to the hacker website (Redirect 301 / http://skip-ads.tk/). Inmotion run a full server scan but that was no help and couldn't identify the issue.
Please let me know what I should try?
Avatar
Scott
Hello biruk360,

OH NO! I am sorry that you have somehow been hacked. I am able to see your login pages, does the redirect occur only after you are logged in? Unfortunately this would not be something we can work with here in the public area as it requires sensitive information. You will want to work with the Live Support and see if our level 2 people can assist. Perhaps they can find a configuration file or something that is redirecting or hopefully identify the area that was used to hack the server.

Kindest Regards,
Scott M