Forums Hijacked!! Help!!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • snIIper
    Member
    • May 2002
    • 57

    Forums Hijacked!! Help!!

    I woke up today to find out that my forums were completely hijacked by some hacker and now I'm completely SCREWED because I have no idea what happened or how to fix it. The admin page doesn't work, it seems like my account has been deleted, I have no way to access it, and I don't know if I can even restore the forums to its previous state because I don't have the backup.

    PLEASE I beg of you, someone help me fix this ridiculousness. on Christmas Eve of all days:

    www.insiider.com/php-bin/vbulletin

    Thank you, if you have any quicker responses, IM me at jimwong328.

    Thanks.
  • Floris
    Senior Member
    • Dec 2001
    • 37767

    #2
    Your account has been hacked. Contact your hosting provider to request an account password reset. Then delete the content of your account and request your host for a backup of the MySQL database prior to the hack. Then upload the 3.0.3 files and upgrade your database to 3.0.3 which isn't vunreable and has no known XSS exploits.

    Change your admincp/ and modcp/ directory and add .htaccess directory password protection to those two directories. Change your admin and other staff passwords so any compromised account can't be used again.

    Comment

    • snIIper
      Member
      • May 2002
      • 57

      #3
      What if my account had been deleted? Which means it says the accoutn I normally used isn't valid, so there's no way I can go to change anything.

      Comment

      • Floris
        Senior Member
        • Dec 2001
        • 37767

        #4
        That is an issue with your hosting provider and not with vBulletin itself. Contact your hosting provider please for support.

        Comment

        • Steve Machol
          Former Customer Support Manager
          • Jul 2000
          • 154488

          #5
          Actually you are running a horribly outdated version of vB with known security holes - 2.2.0. Please read this important announcement about a security issue with your version of vB:

          It has come to our attention that there has been an attack on a number of vBulletin installations that are running older versions of the software. They are taking advantage of a known security flaw that was fixed in subsequent versions. It is extremely important that you keep your software up-to-date in order to protect


          An email notice was sent to all licensed members about this several months ago.

          As for your forums, it's entirely possible that the hackers deleted your posts and other data. This happens most of the time. We can take a look for you to see if anything is salvagable. Fill out a support ticket at:



          Be sure to include the login info to your Admin CP, phpMyAdmin and FTP. If we can restore your data, then you will need to upgrade to at least 2.3.5 to fix this security hole. Therefore I suggest you check and make sure your license is active so you can download the latest version.
          Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
          Change CKEditor Colors to Match Style (for 4.1.4 and above)

          Steve Machol Photography


          Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


          Comment

          • RichM
            Senior Member
            • Jan 2003
            • 1136
            • 4.0.x

            #6
            I also suggest scanning your computer with something like SpySweeper from www.webroot.com. Would be a good idea if you asked your staff to do the same too. SpySweeper will detect things that most Anti virus software won't, so it is always best to have a combination of both antivirus software and antispyware software.

            I remember when that happened to me, we had to restart all over again and we had over 800.000 posts! The database was so big that it didn't backup properly. If only we had known that before the "hacker" messed it up!

            Just remember that the key thing to your forum is your members. At the end of the day, it doesn't matter how many threads or posts you have. As long as you the members can re-register, everything will come back eventually.

            Comment

            • snIIper
              Member
              • May 2002
              • 57

              #7
              Thanks for the help! Yeah my hosting companys a load of crap sometimes. The live user support says they can backup my MySQL database, then I e-mail them and they say they can't, etc etc.

              In this case, is there any way that vBulletin can help me out? The last MySQL database backup I have is from 2 years back, I've already submitted the data that Steve told me to, so hopefully all goes well there.

              Also yeah, Spysweeper = great program. Detects stuff even my other spybot detectors can't find.

              Comment

              • Roody
                Senior Member
                • Mar 2002
                • 832
                • 3.6.x

                #8
                Sorry to hear this happened to you snIIper. Once you get your site back up on it's feet I would suggest learning how to run MySQL backup's in the event something happens. Obviously, hindsight is 20/20, but at least you can have the peace of mind knowing you have it yourself if it is needed.

                Good luck with everything.

                Comment

                • Steve Machol
                  Former Customer Support Manager
                  • Jul 2000
                  • 154488

                  #9
                  What is your support ticket issueid number?
                  Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                  Change CKEditor Colors to Match Style (for 4.1.4 and above)

                  Steve Machol Photography


                  Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                  Comment

                  • snIIper
                    Member
                    • May 2002
                    • 57

                    #10
                    [SID-261204]

                    The helper told me to upgrade which is what i plan on doing.. but now my main problem is finding a way to get a more recent database backup or to recover recent posts. The last backup is from 2 years ago, is there any way you guys at vBulletin can help me since my service provider (globat) now refuses to?
                    Last edited by Floris; Sun 26 Dec '04, 2:25pm.

                    Comment

                    • Marc Smith
                      Senior Member
                      • Aug 2001
                      • 510
                      • 3.6.x

                      #11
                      I backup my database offsite daily. You should consider 'worst case scenario' for the future, but I'm betting if your host is not helping out you're SOL.

                      Good luck, my friend!

                      Comment

                      • Floris
                        Senior Member
                        • Dec 2001
                        • 37767

                        #12
                        Originally posted by snIIper
                        [SID-261204]

                        The helper told me to upgrade which is what i plan on doing.. but now my main problem is finding a way to get a more recent database backup or to recover recent posts. The last backup is from 2 years ago, is there any way you guys at vBulletin can help me since my service provider (globat) now refuses to?
                        Hi there,
                        No we can't help as we do not have your backups.

                        Comment

                        • Steve Machol
                          Former Customer Support Manager
                          • Jul 2000
                          • 154488

                          #13
                          Let me take a look at the database first before we write this off completely.

                          P.S. Please update your support ticket with the URL to phpMyAdmin.
                          Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                          Change CKEditor Colors to Match Style (for 4.1.4 and above)

                          Steve Machol Photography


                          Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                          Comment

                          • Marc Smith
                            Senior Member
                            • Aug 2001
                            • 510
                            • 3.6.x

                            #14
                            Good luck, Steve. I will say you've saved my butt several times when I had problems with my forums in the past, so if anything can be done you will be the one to do it. I'm not the one needing help this time, but it's appreciated.

                            Comment

                            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                            Working...