Joomla can be more friendly for hackers too !!!

Status
Not open for further replies.

Faun

Wahahaha~!
Staff member
For 1 week my net connection was down! And today when I opened my blog (webofgoo.com), I found that the index page was altered by some hacker.
*i269.photobucket.com/albums/jj44/visio159/sss.jpg

One thing is sure: the same guy hacked into other users having Joomla installed. I too have version 1.5.8 but never used it (someone else did...lol). I didn't even install any addons or post anything in it, it was a vanilla install.

Now I have removed Joomla, Drupal is still running good. He did change my wordpress blog's (t.webofgoo.com) current theme index page (I wonder why? He could have simply placed an index file in the main directory).

Rohan Shenoy aka Victor Rambo, any words on it? Probably the hacker used the password vulnerability, as I got this link in the Joomla Forum:
*forum.joomla.org/viewtopic.php?f=432&t=316567

PS: Thankfully I had a different password set for WHM and my email :p That saved some guys who share their website in my reseller account.
 
Faun

Wahahaha~!
Staff member
^^nope as this guy uses MS frontpage to make pages...lol. Probably he is from Arabian land.
 

victor_rambo

हॉर्न ओके प्लीज़
Could it be one of the forum members?
You mean rohan_shenoy? :D

hmmm...I can't tell enough because I have not fiddled enough with Joomla code!
BTW I have seen many Joomla installations hacked in the past. I think NucleusKore's was also hacked!

And what did you say abt the WP theme? Can u plz explain it better? Cudnt get it!
 

Ecstasy

a.k.a VipER
I used to hang out in one of the European gaming server forums and it was vBulletin and even that got hacked by the Turkish people. Whenever someone clicks on any thread or any section it redirects to some Turkish site. The reason why I'm saying this is 'cause I think vBulletin is hard to hack as it doesn't have many vulnerabilities.
 
I was shocked on opening your site, T :|
Anyway, glad it's been sorted :)
PS. My friend ditched Joomla because of the same reason about a year ago :D
 
Faun

Wahahaha~!
Staff member
^^yeah, I wasn't using Joomla for a website. I was just learning to use Joomla and Drupal apart from wordpress. Already started learning Drupal, loving it so far. It's just amazing how much you can do with it. Of course I won't be learning Joomla now, already removed it :D

Friggin BSNL put me out of the internet for one week.

I knew that NucleusKore's website was hacked and it was Joomla too.
 

Liverpool_fan

Sami Hyypiä, LFC legend
This is sad...:(
But at least you didn't lose anything precious...
Umm... I was considering Joomla, but now with this and considering its SEO is poor, I guess I should look at other CMSes...
 

Abhishek Dwivedi

TechFreakiez.com
the latest secured version of Joomla is 1.5.9 if ur using a 1.5.x build...safest is to use J1.0.x

the exploit u r talking abt (that link to joomla forum) works only with Joomla 1.5.4 and below...it exploits forgot my password frm the frontend...it was patched up in the Joomla 1.5.5 release...

moreover, there are certain measures u need to take in order to secure ur site...no CMS is secure out-of-the-box...

This is sad...:(
But at least you didn't lose anything precious...
Umm... I was considering Joomla, but now with this and considering its SEO is poor, I guess I should look at other CMSes...

no its SEO is not poor...it's got one of the most customizable SEO features using certain extensions like sh404sef...
 

Liverpool_fan

Sami Hyypiä, LFC legend
Thanks for the info. :)
 

NucleusKore

TheSaint
You should keep updating. Current is 1.5.9
I have subscribed to the security feed on Google Reader. I check once a day and update as soon as the patch is released. That's the least I can do.

Also read this
*forum.joomla.org/viewtopic.php?f=432&t=335090
 
Faun

Wahahaha~!
Staff member
^^mine was 1.5.8, I was not running any site on it. It was just for learning...lol. Probably I should've installed it on a very cryptic subdomain instead of main domain.

Anyway, it was a good excuse for me to upgrade to wordpress 2.7 (though I lost a lot of customizations I did to my previous wordpress install and plugins). So far it's running fine.
 

Kl@w-24

Slideshow Bob
Dearie me!! That certainly shows that when developers want you to upgrade to a newer version, you probably should (if it's free, that is).

I'll keep this incident in mind while setting up my site. Glad everything's alright now, though. :)
 

krates

Be CoOl rAp RuLeZ !!!
I think your DB must be there... reinstall Joomla, the old version only, set it up again and then update it to the newer version if there is any.. change the pass and don't think much more :p

if your DB is not there, ask your hosting provider whether they keep backups of sites ...
most hosting providers back up the sites every week .....

hope everything will be fine...
 

Abhishek Dwivedi

TechFreakiez.com
or better use JoomlaPack extension...makes a backup of ur complete site with database and an autoinstaller of ur backup...no pain in a** :p
 
Faun

Wahahaha~!
Staff member
I had the backup, but the only bloody thing was that I was on a vacation for the whole week so things went a little worse.

Anyway, security is a never ending thing. You must upgrade, watch, protect what's yours.

Btw I got the IP address from where the hack was done and the timing too :p

It's from Saudi Arabia, Riyadh :D There were three IPs, IMO dynamic IPs for a single PC.
 