MyBB Community Forums

I just found a few days ago that my forums were redirecting traffic to some malware. After further investigation I found the malicious code which was pasted in every single php file on my server. Luckily only my forums use php so I was able to fix the problem by upgrading mybb and thus replacing all the contaminated files with clean ones.

I upgraded from mybb 1.4.11 to 1.4.13.

I was just wondering if anyone has experienced something similar or would know how someone could have done this? I suspect it was done through the forums as that is the only part of my site which is interactive.

www.fearstavern.com

Hacker hacked to your account.

You were probably hacked due to you using a version with loopholes.
I haven't ever been hacked on any sites I'm an administrator of.

You should have to upgrade before that happened =/

It sounds like your hosting account was hacked rather than MyBB if every file was written to. It's highly unlikely for you (and would be rather stupid) to have given all files write permissions, so if all files have been written to, they'd have had server access, and server access details aren't stored in MyBB.

It was most likely your hoster was hacked using a shell called GNY shell, it can inject HTML codes to your site.
They problaby injected redirection or a iFrame to infect your users.
If you have any contact with other forums hosted on the server, hit them up.

Found out the problem isn't with mybb but rather with the host (which they are still denying). Thousands and thousands of sites have been hacked by this malware.

http://theandystratton.com/2010/godaddy-...g-hack-fix

Godaddy = Fail

The only good thing is the cheap domains.