MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Forum Just got Hacked?!
Full Version: Forum Just got Hacked?!
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

TC223

2011-03-28, 04:24 AM
My forum @ http://forum.fbodygathering.com appears to have been hacked. I was on it earlier tonite so it just happened within the last 2 hours. It redirects to some chinese page. (http://ynacac.com/) but it doesnt say that in the address bar, it holds my domain. If ya try the admin link it gives you login prompts for some chinese site too! pretty crazy/scary and never seen it before.

I've contacted my web host and they started a ticket. FTP shows nothing changed on my timestamps so I am assuming at the moment it has something to do with MySQL.

Anything else I should check via FTP? I'm more concerned at the moment if this is a real hack I'd like to contribute what I can to help further development of MyBB (which has always been fantastic btw)

~Drew

pyridine

2011-03-28, 04:59 AM
Looks fine from what I can see.

Hora

2011-03-28, 05:04 AM
Your forum is working fine.

TC223

2011-03-28, 05:05 AM
Your right. It has been restored. Angry I should have followed my gut and posted a screen shot. Can't wait to see what the web host responds with. Was really odd. Redirected to the other site yet it left my URL in the address bar. Now I can't even hit the domain it redirected too. I've been doign this for awhile and never seen anything like that.

I promise I'm not crazy, Even the web host support guy saw it. Huh Should the host actually admit to a security issue on their side I will be sure to share it.

Paul H.

2011-03-29, 01:10 PM
It could have been a domain issue.

Deer

2011-03-29, 02:56 PM
Some reason from maybe you got hacked

1) Maybe the hosting company that you are hosted has not enough security , maybe from another host of that company ,the hackers hacked your database (like manytimes)
2) You got infected via rat/backdoor/keylogger
Some ways how you got hacked :
a) they got your FTP info and uploaded the index.html (hacked index)
b) they got your admin username & password in forum , went to admincp and uploaded .xml hacked file theme.

My opinion is that you got infected by keylogger/rat or backdoor
Thanks
~Deer

NewEraCracker

2011-03-30, 03:05 AM
Oh dear. Just a question. Does php run as apache module or as (fast-)cgi?

I've seen many people getting their sites hacked while using shared hosting because host is running apache as nobody (that has reading permissions to at least /home/ ), attacker finds database details and then is free to do what ever he wants with them.

Regards,
NewEraCracker.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Forum Just got Hacked?!