Hacked Again! 11Th May

[Sam]

Well, I'm sure most of you have noticed that the site got hacked over the weekend. Unfortuantly I was away on holiday and unable to do any work on the site. I did make some progress with the support, but I needed to edit passwords etc.

I have now updated some out of date software (which the hacker managed to obtain the password from!) and upgraded the forum too.

I hope this is the last of the hacks, I can't believe how sad some people are!

If you spot anything that is still not right, please let me or a mod know.

Sorry for all of the interference with the site.

[Mikey]

All good in IE now.

[mit]

Samtastic!

[HedleyNEUK]

Sorted!! will try uploading pics now

[autosri]

We must have really pissed someone off lol

Is it e46zone that's being attacked or the servers vbulletin

Thanks for sorting it out again and hopefully whoever is doing it will get bored

[Sam]

We must have really pissed someone off lol

Is it e46zone that's being attacked or the servers vbulletin

Thanks for sorting it out again and hopefully whoever is doing it will get bored

The problem started with a big in the server software. That lead them to get into SQL and put some code into the forum software (invision, not vbulletin). They also edited the home page for the whole site (not just the forum).

After the first attack, they had left some code that allowed them back onto the site, hence why its happened again.

[Vas]

We must have really pissed someone off lol

Probably someone from the MG forum

[Chimp Choker]

Probably someone from the MG forum

PMSL. he did deserve the roasting though

E46 Convertible Imola Red

[Jay.]

who moi?

Life can resume to normal again now ahhhhhh

[Fishman68]

Hi all, I think this related to the forum hacking.....thus morning just after browsing the zone my work laptop threw a hissy fit with loads of data removal warning tabs and this adware virus checker program pops up asking for subscription so it can resolve the data corruption it had just discovered. Anyway I thought no way im downloading any b******s and took it to the IT boss who have still not established a solution. Has anybody else had the same sort of problem if so is there any website info that I can share as it's looking like a software rebuild which is a pita. Any help appreciated ta!

[momo]

Glad it's back up and running! HATED Chrome!

[Daz 330 Cs]

Good work Boss

Ps. I loathe Chrome as well !

[DJ Syxx]

Nice to view the site using my firefox, going to uninstall Chrome!

[DJ Syxx]

Guys read this, I just tries to go onto the site on my computer and my Avira antivirus blocked access as it contained the pattern of the JS/iFrame.LF Java script virus!

[Gaz]

Yes, gone dodgy for me again using Firefox. All the formating is off. Have cleared cookies/cache etc... Was fine earlier.

[Dr T]

i'm on firefox and all seems well for me atm

[Dr T]

well it would appear i spoke to soon, posting in a thread leads to a load of jibberish but i seem to be able to view forums and threads ok

[Dr T]

my script stopper is telling me that there are scripts from myfw.us and skimresources.com that are not being allowed to run by it as i haven't ok'd them. Normally i don't have any script warnings on the zone as i have ok'd every script that is needed. Not sure if that's any help

Edited May 14, 2012 by Dr T

[DJ Syxx]

Whatever this is, this doesn't want to go away. Tried again to access the site and same thing again my virus checker is blocking the site with same virus.

[mjn]

Yep, was working until 2am last night, thought i'd have a quick read of the forum, but.........oh no.......hacked again!

[Sam]

Well that didn't last long! I've put some more measures in place to try and stop it happening again. It seems to always be 'hacked' over the night, so I will have to take a look at whats been edited tomorrow.

[sebgreen]

Well that didn't last long! I've put some more measures in place to try and stop it happening again. It seems to always be 'hacked' over the night, so I will have to take a look at whats been edited tomorrow.

Is the the on shared hosting or dedicated?

I do this stuff for a living and have recently had 2 clients with similar problems.

[Sam]

Dedicated cloud server.

[sebgreen]

Hummm with which company?

If they got into the database and code it sounds like they have not hacked the site but have gained access to the actual hosting c-panel giving them access to everything.

[Colossuss]

Hummm with which company?

If they got into the database and code it sounds like they have not hacked the site but have gained access to the actual hosting c-panel giving them access to everything.

Not necessarily, you give a lot of power to PHP software like what this forum runs. You'll see the same problem across most like Wordpress and phpBB. There will always be loop holes for hackers if they look hard enough.

If they can gain admin access to the forum, they can gain access to the files on the server, then with the files on the server they can fidn the database host, username, password and database name which is then access to MySQL.

Sam, have you posted anything on the IPBoard forums? I had a quick look online and didn't come across anything that you can do to tighten security other than keeping the software up-to-date . Might be worth seeing if anyone on there has any tips