forums hack

Your website has been reported by Bank Of America for hacks and abuse.

More than likely this is reason why your site is not working, please see below:


Abuse Team,
It appears that the below IP addresses that you seem to host have been used in recent cyber attacks. We have been informed these compromises are possibly the result of a Joomla or other CMS vulnerability and if not patched will simply be re-infected.
We request that you investigate these IP addresses to identify any malicious activity. If you are able to confirm suspicious activity, we ask that you take appropriate action to disable the malware, patch the vulnerability or remove the devices from the network. It is also likely Joomla administrative passwords where compromised and they should be changed to prevent re-infection.
All IPs/URLs have been confirmed as active just prior to this notification being sent. If you feel action has already been taken, please reconfirm by viewing the HTTP status with a tool like wget or cURL. If using cURL, use the following command:
curl -A “Mozilla/4.0” -iL [URL]
Please note the HTTP status in the first line of output, if the first line of output is 'HTTP/1.1 200 OK', that means the file exists, despite any other output in consequent lines.
Thank you for your immediate attention and action. Please contact us as soon as you receive this and stay in contact until any issues have been resolved. Additional technical details are provided below.
Regards,
Abuse Team
Bank of America

****************************************************************************************** ***************************************
Examples of Malicious Content
****************************************************************************************** ***************************************
Malicious content:
173.198.255.3 [URL="http://www.mknexusonline.com/modcp/thread.1.php,"]http://www.mknexusonline.com/modcp/thread.1.php,[/URL="http://www.mknexusonline.com/modcp/thread.1.php,"]
173.198.255.3 [URL="http://www.mknexusonline.com/forums/subscription.1.php,"]http://www.mknexusonline.com/forums/subscription.1.php,[/URL="http://www.mknexusonline.com/forums/subscription.1.php,"]
173.198.255.3 [URL="http://www.mknexusonline.com/content/define.inc.php,"]http://www.mknexusonline.com/content/define.inc.php,[/URL="http://www.mknexusonline.com/content/define.inc.php,"]
173.198.255.3 [URL="http://www.mknexusonline.com/forums/subscription.class.php,"]http://www.mknexusonline.com/forums/subscription.class.php,[/URL="http://www.mknexusonline.com/forums/subscription.class.php,"]
173.198.255.3 [URL="http://www.mknexusonline.com/content/LICENCE.php"]http://www.mknexusonline.com/content/LICENCE.php[/URL="http://www.mknexusonline.com/content/LICENCE.php"]

****************************************************************************************** ***************************************
Additional Information
****************************************************************************************** ***************************************
1. Details surrounding the recent DDoS attacks, the operational aspects of the botnet and potential mitigation steps are available for free at the following locations:
News release: [URL="http://www.prolexic.com/news-events-pr-threat-advisory-ddos-itsoknoproblembro.html"]http://www.prolexic.com/news-events-pr-threat-advisory-ddos-itsoknoproblembro.html[/URL="http://www.prolexic.com/news-events-pr-threat-advisory-ddos-itsoknoproblembro.html"]
Detailed report: [URL="http://www.prolexic.com/knowledge-center-ddos-threat-advisory-itsok/pr.html"]http://www.prolexic.com/knowledge-center-ddos-threat-advisory-itsok/pr.html[/URL="http://www.prolexic.com/knowledge-center-ddos-threat-advisory-itsok/pr.html"]
BroBot Log Parser: [URL="https://github.com/plxsert/brolog"]https://github.com/plxsert/brolog[/URL="https://github.com/plxsert/brolog"]

2. The following resources may be useful for your customer’s to help them secure their websites and prevent re-infection:
[URL="http://web.appstorm.net/roundups/self-publishing/15-great-ways-to-secure-your-website"]http://web.appstorm.net/roundups/self-publishing/15-great-ways-to-secure-your-website[/URL="http://web.appstorm.net/roundups/self-publishing/15-great-ways-to-secure-your-website"]
[URL="http://www.netmagazine.com/features/10-essential-security-tips-protect-your-site-hackers"]http://www.netmagazine.com/features/10-essential-security-tips-protect-your-site-hackers[/URL="http://www.netmagazine.com/features/10-essential-security-tips-protect-your-site-hackers"]

----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at [URL="http://www.bankofamerica.com/emaildisclaimer."]http://www.bankofamerica.com/emaildisclaimer.[/URL="http://www.bankofamerica.com/emaildisclaimer."] If you are not the intended recipient, please delete this message.


------------------------------------------------------------------------------------------------------------
To find more information about nearly any question you have, please review the tutorials provided at the following links:
[URL="http://www.turnkeyinternet.net/tutorials/"]http://www.turnkeyinternet.net/tutorials/[/URL="http://www.turnkeyinternet.net/tutorials/"]


How are we doing? Do you feel you need to escalate this ticket, or have any feedback about my performance today?
Please feel free to let our Customer Experience Director, David Conboy know at 518-618-0999 x105, or [EMAIL="[email protected]"][email protected][/EMAIL="[email protected]"]