[SOLVED] My Joomla site Hacked / Phishing
- HowardTheDuck
- OFFLINE
-
Premium Member
- Posts: 138
- Thanks: 8
- Karma: 1
13 years 6 months ago #143962
by HowardTheDuck
[SOLVED] My Joomla site Hacked / Phishing was created by HowardTheDuck
Hi Guys,
I have just been contacted by my host provider through Google/rbay/paypal for a Phishiung attack on my site.
I basically founf many different index.html/htm pages around various fooders of my site. This index pages are built to capture paypal infos from users.
It seems this happened due to a module vulnerability.
I am still using joomla 1.5.15 and CB 1.2.2 with Cbsubs 1.03.
I am trying to figure out which module (maybe others) is the problem but I was wandering if anybody has any suggestion,,,,
Thanks so much
Cristiano
Post edited by: krileon, at: 2010/10/14 15:10
I have just been contacted by my host provider through Google/rbay/paypal for a Phishiung attack on my site.
I basically founf many different index.html/htm pages around various fooders of my site. This index pages are built to capture paypal infos from users.
It seems this happened due to a module vulnerability.
I am still using joomla 1.5.15 and CB 1.2.2 with Cbsubs 1.03.
I am trying to figure out which module (maybe others) is the problem but I was wandering if anybody has any suggestion,,,,
Thanks so much
Cristiano
Post edited by: krileon, at: 2010/10/14 15:10
Please Log in to join the conversation.
krileon
Team Member- OFFLINE
- Posts: 68521
- Thanks: 9091
- Karma: 1434
13 years 6 months ago #143981
by krileon
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Replied by krileon on topic Re:My Joomla site Hacked / Phishing
You'll have to contact your host as to where the vulnerability came from exactly. Certainly not CB or CBSubs as we put it through vigorous security tests and reviews (big reason releases take so long).
However a contributing factory is likely that you do not appear to upgrade anytime there is a new release. You're on Joomla 1.5.15; that is 6 version behind the now available Joomla 1.5.21. You're also on CB 1.2.2 which is 1 version behind the now available CB 1.2.3. Please firstly, remove the back html files and upgrade immediately.
However a contributing factory is likely that you do not appear to upgrade anytime there is a new release. You're on Joomla 1.5.15; that is 6 version behind the now available Joomla 1.5.21. You're also on CB 1.2.2 which is 1 version behind the now available CB 1.2.3. Please firstly, remove the back html files and upgrade immediately.
Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Please Log in to join the conversation.
- HowardTheDuck
- OFFLINE
-
Premium Member
- Posts: 138
- Thanks: 8
- Karma: 1
13 years 6 months ago #143991
by HowardTheDuck
Replied by HowardTheDuck on topic Re:My Joomla site Hacked / Phishing
Hy Kyle,
i guess you are right....this time we waited too long!!
Removed the files and upgraded joomla. In the next few days I will also upgrade CB.
Thanks as usual!
Cristiano
i guess you are right....this time we waited too long!!
Removed the files and upgraded joomla. In the next few days I will also upgrade CB.
Thanks as usual!
Cristiano
Please Log in to join the conversation.
Moderators: beat, nant, krileon
Time to create page: 0.199 seconds
