ptyxiakes dot gr website redirects to nkbihfbeogaeaobhlefnkodbefgpgknn.com
support4students dot gr website redirects to nkbihfbeogaeaobhlefnkodbefgpgknn.com
diplomatikes dot gr website redirects to nkbihfbeogaeaobhlefnkodbefgpgknn.com
does anyone please knows what is going on ?
Your Cloudflare account has most likely been hacked. That site used to be a metamask clone/phising page, you’re not the first one to get your account compromised and redirects added for it.
Follow this guide:
As for deleting the actual redirect:
Check your Audit Log (Manage Account → Audit Log) for any unauthorized changes.
If you can’t find the redirect being created there, it’s most likely either a Single Redirect (within your site in CF Dash, go to Rules → Redirect Rules, look at Single Redirects) or a Page Rule Redirect (check under Rules → Page Rules)
Thank you very much Chaika!
My account has been hacked. The Page Rule Redirect has been changed (the redirect of the web sites has been added there).
It can be seen also from Audit Log as you suggested
Thank’s a lot!
Στις Δευ 2 Οκτ 2023 στις 6:07 μ.μ., ο/η Chaika via Cloudflare Community <[email protected]> έγραψε:
question for @chgeorgo ,
Did you have MFA enabled on the account that was compromised?
Στις Τρί 3 Οκτ 2023 στις 10:35 μ.μ., ο/η alan.sarzynski via Cloudflare Community <[email protected]> έγραψε:
Not sure what that last message means?
Like @alan.sarz , I’m eager to hear if you had MFA enabled on your Cloudflare account.
Any ideas how your account was hacked?
same password from other sites?
Commonly used password?
Had you accessed your cloudflare account from a public PC?
Malware on your private PC?
I am new here and generally paranoid in general. I’m always wondering how hacks occur.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.