I can't log in at all and all my forum threads are gone. It still shows the thread titles on the index page but when you click on it says the specified thread does not exist.
I tried to reset my password as well but it says my email doesn't exist.
Forum url:
http://www.carfanaticsforum.com/index.php
Well, as I can see you use mybbextras plugins (or, if I'm wrong, something similar, skip this paragraph then), I had a chance to see few codes made by the owner and they are badly programmed, containing many security holes. A hacker may have used one of their vulnerabilities.
If you hadn't tried any new plugin/code/query or something before it happened, I'm quite sure you're hacked - not only all threads disappeared, but also all members except Oldschool. Now you need to go through this:
http://community.mybb.com/thread-110890.html Read everything carefully and make sure to take every necessary step to avoid such situation in future.
(2014-04-21, 08:52 PM)ALUXi33 Wrote: [ -> ]I can't log in at all and all my forum threads are gone. It still shows the thread titles on the index page but when you click on it says the specified thread does not exist.
I tried to reset my password as well but it says my email doesn't exist.
Forum url: http://www.carfanaticsforum.com/index.php
Well if yh forum Get Hacked u can PM me and i will fix this issue for you if u would like.
Better Security and i can give u the option on what plugins Hackers are Hacking you with.
Is there anyway to get the threads, users, and posts back? Sadly no backup was done for a few weeks.
The hacker deleted all the users, threads and posts, but this still shows up when visiting the index page:
[
attachment=31421]
No. its not possible.
I would suggest that you remove all your admins (except yourself)
If you can access ACP go to ACP > Users & Groups {TAB} > Make a new group & add all admin access permissions to it as your current Admin group.
Then make a new user & add him in the group. Be sure to choose a normal username so that none know who he is.
Then still in ACP > Users & Group {TAB} > Delete other admins if you have. (change their group to registered.
Then in admin group permissions unmark the "Yes, Uses in this group can access AdminCP" option.
Do not change the hidden group's colour as admin or someone will know that you are using another account as admin.
No one knows that there is a hidden admin & if hacker will try to hack your admin account again he cannot do anything
Idea from:
http://www.mybbsecurity.net/topic-securi...inistrator
Good luck!
(2014-04-23, 01:46 PM)VIP3R69 Wrote: [ -> ]If you can access ACP go to ACP > Users & Groups {TAB} > Make a new group & add all admin access permissions to it as your current Admin group.
Then make a new user & add him in the group. Be sure to choose a normal username so that none know who he is.
Then still in ACP > Users & Group {TAB} > Delete other admins if you have. (change their group to registered.
Then in admin group permissions unmark the "Yes, Uses in this group can access AdminCP" option.
Do not change the hidden group's colour as admin or someone will know that you are using another account as admin.
No one knows that there is a hidden admin & if hacker will try to hack your admin account again he cannot do anything
Idea from: http://www.mybbsecurity.net/topic-securi...inistrator
Good luck!
Thanks.
Forum is back up.
Looks like the hacker was from India. I had somone from that country do some work for my forum. You have to be careful who you can trust.