2008-12-21, 07:15 PM
Hey guys,
My name is Swank and I am the webmaster of http://forums.webproxytalk.com. I have always been a fan of MyBB and love the feel of it.
I will go straight into the specifics, my site WPT got hacked yesterday when I was using 1.4.2 version. What happened was the hacker managed to get in and change the #1 admin user and password to something else, after I got my dedi host admin to restore the forum, the hacker hacked the system again after 5 mins. We finally managed to restore the forum and update the system to the latest MyBB 1.4.4 version.
However today the site got hacked again even with the latest version of MyBB, this time round the hacker decided to drop the whole Mybb_users table. My server admin restored the site again and we deactivated all plugins as we thought the hacker might have gotten in through one of the plugin loopholes. With that we even changed the cPanel and FTP password. After doing the above, 15 mins later the hacker hacked the site again and dropped the mybb_users table.
I have no idea how the hacker managed to keep consistently hack into the forum. The hacker emailed me and sent me the message below:
"Check the web will be continuous, if the admin provide 1 map for bags, bags will not do any more complaints and help fix errors Site"
I have no idea what he meant by that. When I asked him to stop hacking the site and to fix the errors, he wants me to pay him thousands of dollars to do that. Its really pissing me off.
Someone help me please, any advice is grateful. Thank you!
My name is Swank and I am the webmaster of http://forums.webproxytalk.com. I have always been a fan of MyBB and love the feel of it.
I will go straight into the specifics, my site WPT got hacked yesterday when I was using 1.4.2 version. What happened was the hacker managed to get in and change the #1 admin user and password to something else, after I got my dedi host admin to restore the forum, the hacker hacked the system again after 5 mins. We finally managed to restore the forum and update the system to the latest MyBB 1.4.4 version.
However today the site got hacked again even with the latest version of MyBB, this time round the hacker decided to drop the whole Mybb_users table. My server admin restored the site again and we deactivated all plugins as we thought the hacker might have gotten in through one of the plugin loopholes. With that we even changed the cPanel and FTP password. After doing the above, 15 mins later the hacker hacked the site again and dropped the mybb_users table.
I have no idea how the hacker managed to keep consistently hack into the forum. The hacker emailed me and sent me the message below:
"Check the web will be continuous, if the admin provide 1 map for bags, bags will not do any more complaints and help fix errors Site"
I have no idea what he meant by that. When I asked him to stop hacking the site and to fix the errors, he wants me to pay him thousands of dollars to do that. Its really pissing me off.
Someone help me please, any advice is grateful. Thank you!