Hello,
When I entered my forum homepage a little while ago, I met with this page:
First I've checked my server/ftp accounts and all were looking OK. Also my admin panel was working too, so I've searched in templates and I saw that he changed "FORUMHOME" script, I reverted it and everything turned back normal.
Then I made a deeper research and saw that he created a plugin in Vbulletin system like this:
At the same time I've seen this in my mail:
When I searched for some keywords in the hacking message I've seen that he hacked many sites today with the same method:
Even he hacked homepage of antifraudintl.org forum page, and this is the thread in their forum about this matter (their homepage is still hacked, if you read this message, you have to revert FORUMHOME template)
What can be this? A new vulnerability?
Regards...
When I entered my forum homepage a little while ago, I met with this page:
First I've checked my server/ftp accounts and all were looking OK. Also my admin panel was working too, so I've searched in templates and I saw that he changed "FORUMHOME" script, I reverted it and everything turned back normal.
Then I made a deeper research and saw that he created a plugin in Vbulletin system like this:
At the same time I've seen this in my mail:
When I searched for some keywords in the hacking message I've seen that he hacked many sites today with the same method:
Even he hacked homepage of antifraudintl.org forum page, and this is the thread in their forum about this matter (their homepage is still hacked, if you read this message, you have to revert FORUMHOME template)
What can be this? A new vulnerability?
Regards...
Comment