Myanmar Muslim Cyber Force - site hacked

**Guest** · Wed 11 Sep '13, 6:37am

Originally posted by Phat Phreddy

Deleted install file..

Delete the entire install folder, not just the install.php file.

**Phat Phreddy** · Wed 11 Sep '13, 6:39am

sorry unclear.. I did deleted the entire folder.. First time.. Been hacked twice since..

**Zachery** · Wed 11 Sep '13, 7:06am

Please read the following two blog posts:

Fixing your site after you have been hacked. - vBulletin Community Forum

http://www.vbulletin.com/forum/blogs/zachery/3993888-fixing-your-site-after-you-have-been-hacked

This guide is for what to do, after youve been hacked, exploited, and or defaced. Step 1, Change everything: If you believe, or think your site has

Best practices for securing your vBulletin site. - vBulletin Community Forum

http://www.vbulletin.com/forum/blogs/zachery/3993849-best-practices-for-securing-your-vbulletin-site

Getting Started This guide is intended to be a starting point for helping to keep your site safe and secure in the long run. It is not a be-all, end-all guide

Also please see these recent security announcements:

vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum...-1-vbulletin-5
vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum...d-all-versions

**Phat Phreddy** · Wed 11 Sep '13, 7:09am

Read..

Having removed the admins.. And reverted the entire filesystem to a backup.. And removed the install folder and updated to latest version..

How the hell are they getting back in.. There cant be any file hooks in a reverted filesystem .

**Zachery** · Wed 11 Sep '13, 9:19am

Hooks are in the database, not the file system. What if anything do you have listed under the vBulletin Product, in the PLUGIN manager?

**Phat Phreddy** · Thu 12 Sep '13, 5:11pm

So I have to lose how far back of posts on my forum ??

Theres daily database backups but damn I dont want to lose the content.

**Phat Phreddy** · Thu 12 Sep '13, 11:25pm

Looking for someone willing to work on cleaning this up.. $$

**hurricane_sh** · Fri 13 Sep '13, 5:54am

I don't think you have to remove any posts, have you checked your plugins as Zachery suggested? If all changes made by hackers are inside vBulletin database and directory, it shouldn't be hard to clean up.

vBulletin 4 End of Life

Myanmar Muslim Cyber Force - site hacked

Myanmar Muslim Cyber Force - site hacked

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Related Topics