MyBB Community Forums

Full Version: My forum got hacked- Confirmed hack
My site got hacked by someone and he only seems to have access to my account (s.admin) on my site. I checked my cPanel and there's no IP login except my IP, and there have been no new changes in my files in FTP.

The hacker claims to have my whole database. I know because they made a thread and I deleted it 5 secs after he posted it, but I'm not sure that he actually has the whole DB. I downgraded the hacker and made my test account the s.admin.

Plugins I'm currently using

Achivements (2.4)
Great achievements automated system.
Created by Edson Ordaz Deactivate Uninstall
Admins can log into Users' accounts (1.2)
Allows admins to log into another user's account via their profile, and quickly swap back to their account via the Logout link.
Created by ZiNgA BuRgA Deactivate
Akismet (1.2.2)
Akismet is a program that helps prevent SPAM on your forum.
Created by MyBB Group Install & Activate
Advanced MyCode Permissions (1.4)
Allows you to set permissions for custom MyCode use. Also allows you to use variables in your mycode.
Created by Jammerx2 Deactivate
Contact Form (3.2)
Creates a contact form for members and guests.
Created by Jesse Labrocca Deactivate Uninstall
Courtesy Edit Time (1.0)
Allow a courtesy edit time, whereby the 'edited by' message won't show up for a set amount of time.
Created by MattRogowski Deactivate Uninstall
Deny Banned IPs (0.1)
Deny banned users from registering again.
Created by Yaldaram Deactivate
Donation Page (2.1)
Sets up a page where your users can donate to your PayPal account.
Created by MyBBWebHost Deactivate
Easy Refer (2.0)
Creates an invitation form which adds the members referral code. Also shows the users referrals.
Created by Jesse Labrocca Deactivate
Edit Time Limit/Legend Permissions (1.0.1)
Adds two usergroup permissions for edit time limit and removing Edited by legend.
Created by Starpaul20 Deactivate Uninstall
Forum Icons (3.0)
Adds icons to forums on index.
Created by Jesse Labrocca Deactivate Uninstall
Guests Can't View Threads (1.1)
Guests cannot view threads.
Created by Jammerx2 Deactivate
Goodbye Spammer (1.0)
Makes it easy to delete all traces of a spammer from your forum.
Created by MattRogowski Deactivate
Google SEO (1.6.3)


Google Search Engine Optimization as described in the official Google's SEO starter guide. Please see the documentation for details.
Redirect and URL are disabled. (Configure)
Add to .htaccess:
# Google SEO Sitemap:
RewriteRule ^sitemap\-([^./]+)\.xml$ misc.php?google_seo_sitemap=$1 [L,QSA,NC]
404, Meta and Sitemap are enabled. (Configure)

Created by Andreas Klauer Deactivate Uninstall
Hellban (1.0)
Hellban users so they can still post and view posts, but no one else can see their posts.
Created by Paul H. Deactivate
Hello World! (1.0)
A sample plugin that prints hello world and prepends the content of each post to 'Hello world!'
Created by MyBB Group Activate
Hello PluginLibrary! (hello_pl.php)
A sample plugin for developers that demonstrates the features of the PluginLibrary.
Created by Andreas Klauer Install & Activate
Links and Attachments lock until post (1.2)
Will hide all links on posts and remove the attachment box if user has not replied to the thread.
Created by Sergio Montoya Deactivate Uninstall
Hide Links to Guests (1.0)
Show a message to guests instead of links.
Created by DragonFever Deactivate
Hot Words (1.0)
Use this plugin to stop spam posts.
Created by Jesse Labrocca Deactivate
Mods Cant Edit Admins Posts (1.1)
Moderators cannot edit administrators posts.
Created by Jammerx2 Deactivate
Moderation Post Count (0.1)
Shows a counted number of moderation posts Globally.
Created by Yaldaram Deactivate
Mod Rep Log (1.0)
This is for moderator logs of reputations.
Created by Jesse Labrocca Deactivate
Monthly Stats (1.0a)
Displays thread and post stats by month.
Created by Jesse Labrocca Deactivate
My Meta Tags (2.1a)
This adds meta tags to your forums and threads dynamically.
Created by Jesse Labrocca Deactivate
MyFlood (1.2)
A plugin which allows you to prevent flooding through new posts and new threads per usergroup.
Created by Polarbear541 Deactivate Uninstall
Show the users that has been online today (2.0)
Shows the users that has been online within 24 hours.
Created by CraKteR Deactivate
PluginLibrary (11)
A collection of useful functions for other plugins.
Created by Andreas Klauer Install & Activate
Private Messages Admin (2.4.3)
Gives admins the ability to look through their forums private messages.
Created by Aaron Deactivate
Profile Groups (1.0)
Complete list of a users groups in profile.
Created by labrocca Deactivate
Prune Members (2.0)
Delete members with zero posts, inactive, or unactivated in bulk
Created by Jesse Labrocca Deactivate
Repeat Report (1.0)
Disallows a file to be repeatedly reported.
Created by Jesse Labrocca Deactivate
Repoco (1.0)
Shows reported post count in members profile.
Created by Jesse Labrocca Deactivate
Self Close (1.1)
Allows groups to be assigned the ability to self close threads.
Created by Jesse Labrocca Deactivate Uninstall
Spoiler BBCode (1.6)
Hides text specified in the [spoiler] tag.
Created by Sephiroth Deactivate
Sticky Manager (0.1)
A tool to show all stickies of your forums in ACP.
Created by Yaldaram Deactivate
Tabbed Menu (2.0.2)
Adds tabbed menu to your index page.
Created by Jesse Labrocca Deactivate Uninstall
Welcome PM/Email (1.1)
[Configure Settings]
Sends a PM/Email to new users welcoming them to the forum.
Created by - G33K - Deactivate

I'm running the latest version of MyBB and all my plugins are up to date. Also, a member joined a few minutes before my site got hacked, if that matters.
Check your MyBB admin logs. What did he do to the site?
He did nothing. I checked the admin log and there's nothing new, basically everything I did from last night till today. The hacker tried to log in to the ACP but couldn't because after 5 failed logins the ACP got locked.

I have a secret PIN on the ACP so he didn't access the ACP at all.
it sounds mostly like he just cracked your account, not your forum ...
(2012-11-13, 03:30 AM)brad-t Wrote: it sounds mostly like he just cracked your account, not your forum ...
True, but it's pretty hard to crack my account unless they had a keylogger or a RAT installed on my PC. I scanned it from each corner but didn't find anything.

The hacker didn't try to brute-force, plus I use a highly complex password and the password was not reset through the email.
Shared, VPS or fully dedicated hosting? Local or remote MySQL server?
Forgot to mention. Shared hosting, and how do I find out the second part?

Also, what do I do now to make sure my members and site are safe?
What database host did you enter during your MyBB installation?

If it is localhost, then it would be a local MySQL server. If not, it would be a remote MySQL server.
What version of MyBB do you have?

Change your passwords and make them very strong ones. Also rename your admin folder too. And just to be safe, change the FTP account and MySQL DB user and password too. Do not forget to update the config.php file as well with the new DB username and password afterwards.

Also scan your server space for any suspicious file that shouldn't be there.

If the hacker got hold of your account he could have made a backup of your DB from your admin panel. If I were you, I would move that option from my ACP.
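
An added example, not part of the original thread: the file scan suggested in the post above, written as a shell script that can be run over a forum web root on shared hosting. The function names, the default 7-day window and the assumption that upload directories are named `uploads` are choices made for this example.

```shell
#!/bin/sh
# Added example: triage scan of a forum web root after a suspected account
# compromise. Assumptions: the web root is passed as the first argument and
# user uploads live in directories named "uploads".

# Files whose contents changed within the last N days (default 7).
recent_changes() {
    find "$1" -type f -mtime "-${2:-7}" -print | sort
}

# Script files inside upload directories, where only avatars and
# attachments are expected.
scripts_in_uploads() {
    find "$1" -type f -path '*/uploads/*' \
        \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.php[0-9]' \) \
        -print | sort
}

# Files and directories that any account on the host can write to.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print | sort
}

# Print all three listings under headings for manual review.
scan_webroot() {
    echo "== Modified in the last ${2:-7} day(s) =="
    recent_changes "$1" "${2:-7}"
    echo "== Script files under uploads/ =="
    scripts_in_uploads "$1"
    echo "== World-writable paths =="
    world_writable "$1"
}

# Run the scan when a web root is given on the command line.
if [ "$#" -ge 1 ]; then
    scan_webroot "$@"
fi
```

Modification times can be reset, so anything the scan does not flag should still be compared against a clean copy of the same MyBB version.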
(2012-11-13, 02:35 AM)Joker552 Wrote: He did nothing. I checked the admin log and there's nothing new, basically everything I did from last night till today. The hacker tried to log in to the ACP but couldn't because after 5 failed logins the ACP got locked.

I have a secret PIN on the ACP so he didn't access the ACP at all.

You weren't hacked then... he was locked out and no harm was done, am I right?