[joomla] several 1.0 sites hacked this week!
Mark Simko
masimko at verizon.net
Wed Mar 25 23:23:22 EDT 2009
Several of my clients' 1.0.15 sites have been hacked this week! Is
there a problem with 1.0?
I don't see an announcement on joomla.org
I just saw that my site was hacked the other day. Fortunately they
bunged it up a bit, so the code didn't run, but instead gave an error
message.
What they had done is append javascript to the index.php file. It was
disguised as ascii codes, and there were several var defined and
substituted in, but the result was that it attempted to open a hidden
iframe directed to siplank.com. When I tried to open siplank.com in a
web browser (yes, I did that! I do lots of crazy things out of
curiosity) Firefox stopped it with a warning about the site being known
for malware.
I'm running 1.5.9 on a shared host. I will be calling my host and asking
them what they can find out from their logs as to what happened.
More information about the Joomla
mailing list