Announcement

Collapse
No announcement yet.

Site was hacked warning.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Site was hacked warning.

    My site was hacked into by a user with IP 124.217.254.157
    Please watch out. Im just upgrading to the newest version of 3.8 and am waiting for the 4.0 to be 100% before I spend money to get all the skins and upgrades done.

    This user injected malicious code into the sql somehow, we thought it was the software but it was the database. Upon cleaning up we noticed we lost some code as well. It was in some backups as well.

  • #2
    That IP is from Malaysia : http://whois.domaintools.com/124.217.254.157

    Comment


    • #3
      Originally posted by rknight111 View Post
      My site was hacked into by a user with IP 124.217.254.157
      Please watch out. Im just upgrading to the newest version of 3.8 and am waiting for the 4.0 to be 100% before I spend money to get all the skins and upgrades done.

      This user injected malicious code into the sql somehow, we thought it was the software but it was the database. Upon cleaning up we noticed we lost some code as well. It was in some backups as well.
      Are you sure it wasn't caused by a breach of security via the server and not the software?
      ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
      Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment

      Comment


      • #4
        Higher chance of software, was probably an automated bot scouring the internet...
        http://www.offtopic.com.au/

        Comment


        • #5
          From what you have described, it sounds to me like a server intrustion.

          Did it remove the same coding from your backups too? or was that different?
          Jut a random internet person.

          A message to all illegal users!

          Comment


          • #6
            Sounds like server to me too, however there is one focus in vBulletin where this all could have happened in the software.. I am sure you have done some of this, but change
            all passwords on the server and admin(s) accounts on the vBulletin site, along with all Super Mods who may be admin, restore MySQL DB if damage was severe. ..

            Re-upload ALL vBulletin files from the same version of vBulletin, as it was exploited...

            Check your logs, to find out how this happen, it don't sound vBulletin related, but you never know,.. Next time you may not have a database looking back at you at 6.00am...
            Last edited by Joe Gronlund; Wed 17th Mar '10, 12:29pm.
            MCSE, MVP, CCIE
            Microsoft Beta Team

            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X