Jump to content
Sam

Hacked Again! 11Th May

Recommended Posts

Well, I'm sure most of you have noticed that the site got hacked over the weekend. Unfortuantly I was away on holiday and unable to do any work on the site. I did make some progress with the support, but I needed to edit passwords etc.

I have now updated some out of date software (which the hacker managed to obtain the password from!) and upgraded the forum too.

I hope this is the last of the hacks, I can't believe how sad some people are!

If you spot anything that is still not right, please let me or a mod know.

Sorry for all of the interference with the site.

Share this post


Link to post
Share on other sites

All good in IE now. :)

Share this post


Link to post
Share on other sites

Samtastic! :)

Share this post


Link to post
Share on other sites

We must have really pissed someone off lol

Is it e46zone that's being attacked or the servers vbulletin

Thanks for sorting it out again and hopefully whoever is doing it will get bored

Share this post


Link to post
Share on other sites

We must have really pissed someone off lol

Is it e46zone that's being attacked or the servers vbulletin

Thanks for sorting it out again and hopefully whoever is doing it will get bored

The problem started with a big in the server software. That lead them to get into SQL and put some code into the forum software (invision, not vbulletin). They also edited the home page for the whole site (not just the forum).

After the first attack, they had left some code that allowed them back onto the site, hence why its happened again.

Share this post


Link to post
Share on other sites

Probably someone from the MG forum

PMSL. he did deserve the roasting though

E46 Convertible Imola Red

Share this post


Link to post
Share on other sites

who moi?

Life can resume to normal again now ahhhhhh

Share this post


Link to post
Share on other sites

Hi all, I think this related to the forum hacking.....thus morning just after browsing the zone my work laptop threw a hissy fit with loads of data removal warning tabs and this adware virus checker program pops up asking for subscription so it can resolve the data corruption it had just discovered. Anyway I thought no way im downloading any b******s and took it to the IT boss who have still not established a solution. Has anybody else had the same sort of problem if so is there any website info that I can share as it's looking like a software rebuild which is a pita. Any help appreciated ta! :D

Share this post


Link to post
Share on other sites

Glad it's back up and running! HATED Chrome! :P

Share this post


Link to post
Share on other sites

Guys read this, I just tries to go onto the site on my computer and my Avira antivirus blocked access as it contained the pattern of the JS/iFrame.LF Java script virus!

Share this post


Link to post
Share on other sites

Yes, gone dodgy for me again using Firefox. All the formating is off. Have cleared cookies/cache etc... Was fine earlier.

Share this post


Link to post
Share on other sites

well it would appear i spoke to soon, posting in a thread leads to a load of jibberish but i seem to be able to view forums and threads ok

Share this post


Link to post
Share on other sites

my script stopper is telling me that there are scripts from myfw.us and skimresources.com that are not being allowed to run by it as i haven't ok'd them. Normally i don't have any script warnings on the zone as i have ok'd every script that is needed. Not sure if that's any help

Edited by Dr T

Share this post


Link to post
Share on other sites

Whatever this is, this doesn't want to go away. Tried again to access the site and same thing again my virus checker is blocking the site with same virus.

Share this post


Link to post
Share on other sites

Yep, was working until 2am last night, thought i'd have a quick read of the forum, but.........oh no.......hacked again! :(

Share this post


Link to post
Share on other sites

Well that didn't last long! I've put some more measures in place to try and stop it happening again. It seems to always be 'hacked' over the night, so I will have to take a look at whats been edited tomorrow.

Share this post


Link to post
Share on other sites
Well that didn't last long! I've put some more measures in place to try and stop it happening again. It seems to always be 'hacked' over the night, so I will have to take a look at whats been edited tomorrow.

Is the the on shared hosting or dedicated?

I do this stuff for a living and have recently had 2 clients with similar problems.

Share this post


Link to post
Share on other sites

Hummm with which company?

If they got into the database and code it sounds like they have not hacked the site but have gained access to the actual hosting c-panel giving them access to everything.

Share this post


Link to post
Share on other sites

Hummm with which company?

If they got into the database and code it sounds like they have not hacked the site but have gained access to the actual hosting c-panel giving them access to everything.

Not necessarily, you give a lot of power to PHP software like what this forum runs. You'll see the same problem across most like Wordpress and phpBB. There will always be loop holes for hackers if they look hard enough.

If they can gain admin access to the forum, they can gain access to the files on the server, then with the files on the server they can fidn the database host, username, password and database name which is then access to MySQL.

Sam, have you posted anything on the IPBoard forums? I had a quick look online and didn't come across anything that you can do to tighten security other than keeping the software up-to-date :mellow:. Might be worth seeing if anyone on there has any tips

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...