/justhost.com – Compromised Account Warning

justhost.com – Compromised Account Warning

We received an email today from one of the hosting providers we use: Below is the email (minus some of the individual details for security reasons):



We got a notification from a 3rd party company that your website was
compromised. When we investigated the accident we found that an intruder
had logged into your account over FTP and uploaded various files into
your account to use it in illegal spectrum. It was done on {date removed}. The
illegal files had been uploaded into:

{removed this too}

To clean your website we removed the illegal content and reset your
cPanel/FTP password to:

However you need to do the
following in order to solve the problem completely.

1. Check all computers used by you to manage the website/account using
some latest antivirus software and remove all viruses/trojans if
something is detected.
2. Log into your cPanel( and sitebuilder ) from a clean computer and
reset your cPanel/FTP/Mail and sitebuilder passwords to something hard
guessed like S893jc&4

Thank you for understanding!



Now is it me or does this seem a little suspicious? The fact that JustHost.com is a US based company, would make you think they could write an email in a more natural sounding English than this one. However there are no phishing links or attachments to suggest that it’s not genuine.

Just to be sure, we have tried to contact justhost.com, but have not heard back from them. So we have changed the passwords anyway.

Anyone else received a similar email recently?