Good Morning. I have a Web Hosting Forum running vBulletin that has been hacked: www.HostBoards.com Any advice on how to repair and prevent this in the future would be appreciated. Has anyone heard of this group, V!RuS_BaGhDaD? Is this just kids having fun? Thank you
Sadly I made no backups. However, I think this might be a simple index swap hack that might be able to be reversed (I'm hoping so anyway
They most likely exploited your website either from another account on the server (assuming you are on shared hosting). I would recommend updating vBulletin to the latest version once you get the forum back up to date and move to VPS or Dedicated hosting so other users cannot access your files.
Hi jay-S I don't believe that this is a server isssue, i believe he was hacked through the index.php and for having outdated software. I guess the only way he will find out how he was hacked is by looking at his logs. Steve
If you have a good hosting provider then they may have a back up. Try to contact them and also fix your site with latest VBulletin.
Best thing you can do is, ask your hosting company for the latest backup. Delete your current board as it may have some malicious scripts or backdoor shell installed. Install a fresh copy and import the DB!
Looks like your site is hacked again, or you never were able to fix it the first time. Anyway, after getting your site backup I would take a look at the plugins you are running. I've heard of some V Bulletin chat plugins having vulnerabilities. I'd also ask your web host if the entire server got hacked, and not just your website.
I got hacked a few weeks ago and it was a case of the hacker exploiting the hosting providers cpanel in order to gain access to all sites hosted on that server (around 70000!) from there i figured there was nothing that could be done and it was a web hosting provider vulnerability, check that first and change your index page back to the old one.
There is no way that 70,000 websites can be hosted on one server! To stop this from happening update all of your sites/software to the latest version. If your database is in tact you should be fine.
Sorry i made a typo with the number of websites, it was actually 700,000 that were hacked, and yes I should have been more specific, I am aware 70,000 websites cant be hosted on one server but I was thinking of the singular term when referring to the hosting provider. Heres some news stories relating to the hacks experienced: http://www.webhostinghub.com/suppor...shooting/status-of-september-tiger-mte-attack http://latesthackingnews.com/?p=112
You have a great domain name, and it looks like your site is still not back yet. I would suggest installing a fresh installation of vbulletin (latest version) after installation delete the database and upload your latest MySQL Backup from the old board. If you had any mods installed you would have to re-install them again but that's the only thing you would be losing, I would suggest that you move your site to a vps and that way you have better control over your account. You can install CSF it's a good firewall and DDOS Prevention, it looks for open ports and security threats and gives you specific details on what to do. I did a little research on the group that hacked you, and it appears that they have been around hacking more sites. http://modirerooz.com/ http://al7ob-almst7el.com/vb/
Those groups attacked alot of site including forums , they look for any vulneri. on any forum like faked or nulled hooks and then attack the site if the server is protected well from opening shells , they will only uploading their index and will not attack your databases which are very very important