Register Members List Search Today's Posts Mark Forums Read

Thread Tools
Old 01 Mar 2010, 23:15
cammot cammot is offline
Join Date: Jul 2009
Site Attacked

I need some urgent help. It seems that my vB4 suite site has been attacked by a hacker. What has happened is that a new section has been added to the list of sections on my home page. The new section is an advertisement with some profanity on it. Clearly, who ever did this may have had access to my CP, and add the new sections.

Aside from trying to determine how this might have happened, I am unable to delete the section becasue there is no 'delete icon' next to it. I am however, able to block the viewing on the front end of this specific section, by removing all the permissions except to the administrator.

I recently updated the latest patch 4.0.2 so not sure how this has occured, and how to prevent it from continuing - and also removing the section.

Any help would be greatly appreciated.

Reply With Quote
Old 02 Mar 2010, 00:47
ChopSuey ChopSuey is offline
Join Date: Jun 2009
Location: Alaska
Real name: Corey
One big tip about running a forum "Always use strong passwords"

Thats how he got to your AdminCP
Reply With Quote
Old 02 Mar 2010, 02:28
cammot cammot is offline
Join Date: Jul 2009
I agree with the need for strong passwords, which I have. But it's an assumption on your part to suggest that's the only way a hacker can infiltrate a site. That's why they discover security holes from time to time, and releases security patches.

Reply With Quote
Old 02 Mar 2010, 04:13
Lynne's Avatar
Lynne Lynne is offline
Join Date: Sep 2004
Real name: Lynne
You cannot delete the section until you have removed all the articles from it.

Check your access_logs and see if you can determine how they got in.
Former Staff Member

Try a search before posting for help. Many users won't, and don't, help if the question has been answered several times before.
W3Schools -
Online vBulletin Manual
If I post some CSS and don't say where it goes, put it in the additional.css template.
I will NOT help via PM (you will be directed to post in the forums for help.)
Reply With Quote
Old 03 Mar 2010, 21:00
mrt12345's Avatar
mrt12345 mrt12345 is offline
Join Date: Feb 2009
I had problems also but it is just spammers and there dam software they use i just added a security question for registration and so far it has help quit a bit.
Reply With Quote
Old 04 Mar 2010, 00:52
RandyO RandyO is offline
Join Date: Jan 2006
Your server needs proper security.. brute force attacks are all too common (my servers ban dozens of IP's daily for these) If your web host does not run some type of protection from brute force attacks, you need a new host..

ALSO Make sure your mysql db password in the config file is uber complex as well.. good hackers really do not use the GUI in most cases.. they inject code through an insecure script and it may not even be related to your forum...

Good luck... for me? a server gets hacked and it is full system dump and reload of the OS...
Reply With Quote
Old 05 Mar 2010, 18:41
cammot cammot is offline
Join Date: Jul 2009
Thanks for all the comments. I think I finally think I found the method used, if this helps anyone. Apparently one of my forum's was accessible for non registered, and an article that was created on the forum also had comments (replies) enabled. So the spammer took advantage of making a comment, that somehow even changed the forum title. HTML was allowed on the comment box. So it could be that these contributing factors led to how my site was infiltrated without a password being necessary.

Reply With Quote

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

New To Site? Need Help?

All times are GMT. The time now is 23:06.

Layout Options | Width: Wide Color: