[joomla] several 1.0 sites hacked this week!
Barrie North
barrie at compassdesigns.net
Thu Mar 26 08:59:29 EDT 2009
We got hacked last month by a brute force attack on our FTP password. Once
they had that, they got into the Joomla files.
Any site can be hacked. The other half of the equation is vigilance and
backups :)
Barrie North
~Fully Managed Joomla Sites~
www.simplweb.com/joomla
~Join the Community at compassdesigns.net~
www.compassdesigns.net/join-the-community.html
On Wed, Mar 25, 2009 at 11:23 PM, Mark Simko <masimko at verizon.net> wrote:
>
> Several of my clients' 1.0.15 sites have been hacked this week! Is
> there a problem with 1.0?
>
> I don't see an announcement on joomla.org
>
> I just saw that my site was hacked the other day. Fortunately they
> bunged it up a bit, so the code didn't run, but instead gave an error
> message.
>
> What they had done is append javascript to the index.php file. It was
> disguised as ascii codes, and there were several var defined and
> substituted in, but the result was that it attempted to open a hidden
> iframe directed to siplank.com. When I tried to open siplank.com in a
> web browser (yes, I did that! I do lots of crazy things out of
> curiosity) Firefox stopped it with a warning about the site being known
> for malware.
>
> I'm running 1.5.9 on a shared host. I will be calling my host and asking
> them what they can find out from their logs as to what happened.
>
> _______________________________________________
> New York PHP SIG: Joomla! Mailing List
> http://lists.nyphp.org/mailman/listinfo/joomla
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20090326/93b38a10/attachment.html>
More information about the Joomla
mailing list