This weekend, started from Friday 21th, http://www.GameReviews.com was hacked. Vbulletin was closed and this is the board message. Screen shot:
http://www.SmartClickz.com/hacked.jpg

Now, it looks like the site was being SQL Injection, the hacker changed admin email, using forgot password option, then change the Forum Closed Message.

But it has more problem that just that, right now, the site is still being abuse and spam by and being DOS attack, The hacker somehow able to put malicious files on the server. It seems to me they been exploited PhotoBlog upload options to upload files

Edit: Security bug found.

^ ^
first thing then, disable your photoblog for now. Also get checking server logs, and get banning ip ranges to keep these people out. Obviously remove any malicious files found.

If you can identify and patch the initial exploit, you may want to restore from a backup then immediately patch.

^ ^
first thing then, disable your photoblog for now. Also get checking server logs, and get banning ip ranges to keep these people out. Obviously remove any malicious files found.

If you can identify and patch the initial exploit, you may want to restore from a backup then immediately patch.

My site is hosted virtually and they can onle tell me whats happening right now, It seem the hacker is done with the forum and moving to our main script. I was half impressed half shaking cause I am using vb latest version.