
rexall 10-10-2013 10:11 AM

Help re my hacked/infected vBulletin site
 
Thu 10 Oct 2013, 6:05 pm

!!! HELP !!!

Requesting suggestions, advice, insight regarding hacked and massively infected website.

I also posted this over on vBulletin.com. I am not technical, so please keep that in mind in your kind replies.

1. Website hacked by self-proclaimed "Mustafa the Hacker." Restored site from backup, and thought all was well . . . but shortly thereafter, host (FatCow) suspended my account due to massive amounts of infected files.

2. I don't know how particular or peculiar this is to vBulletin as I have 3 websites on one host/one account : vBulletin, WordPress and Open Cart (shopping cart). vBulletin was the only one involved.

3. Backups on host also infected, so could not restore from backup.

4. Purchased a third-party product ($40) from host called SiteLock which was supposed to clean infection. Did not!

5. Went directly to SiteLock and purchased a "clean" for $200 which they assured would solve problem.

6. Two or three times now, SiteLock has sent me a message saying that site has been cleaned.

7. FatCow (host) responds saying their scan still shows hundreds of infected files. And responds sympathetically but UNHELPFULLY as to their role in all of this. SiteLock hardly providing any useful communication at all.

This is now ten days old!

I am just working on blind faith here that if site can be dis-infected, that the content and design are not completely destroyed.

********************

1. Anyone familiar with "Mustafa" and the nature of this attack and what can be done about it? Anyone else gotten hit?

2. If FatCow and SiteLock will not help me, can anyone recommend a third-party individual or service who knows what the f**k they are doing and can fix this?

3. Any other suggestions and discussion are most welcome and appreciated.

Thanks.

Rex
Khon Kaen, Thailand
http://www.mindbodythailand.net

ozzy47 10-10-2013 10:12 AM

Did you do all of the following?

First you need to follow our advisory about deleting the install folder off your forums.

Then please read the following two blog posts:
http://www.vbulletin.com/forum/blogs...ve-been-hacked

http://www.vbulletin.com/forum/blogs...vbulletin-site

Also please see these recent security announcements:

vBulletin 4.1.x-4.2.x & All versions of vBulletin 5: http://www.vbulletin.com/forum/forum...-1-vbulletin-5
vBulletin 5.0.x patch released, for a different security issue: http://www.vbulletin.com/forum/forum...d-all-versions

rexall 10-10-2013 10:36 AM

Thu 10 Oct 2013, 6:31 pm

Thanks for the lightning-fast response Ozzy! I am reading the threads you pointed to now. However, I had the last upgrade done professionally in July by SEOvB.com. I just had a looksee on the server and there is a folder forum/install/. I assume that is the one you said should have been deleted? Crap!

Thanks for your help. I'm sure I will have more later.

ozzy47 10-10-2013 10:40 AM

Yeah, after deleting that, then follow the steps in the blog post, thoroughly.

