- Posts: 31
- Thank you received: 0
joomla hacked
-
nazanintb
Inactive member -
Topic Author
- Member
-
Less
More
8 years 5 months ago #46754
by nazanintb
joomla hacked was created by nazanintb
Hello :
My host has notified me that my website is hacked and infected and has suspneded it. These are the 28 files that are infected. I have no idea what to do. Is there any way you can help me ? I am using architecture template.
Your account is currently used for hosting these viruses:
/home/jail/srv/disk2/607840/www/vandait.com/index.php: PHP.Backdoor-1455725738.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/home.bak.php: PHP.Injection-1471424340-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/googleee3155825f13b5bc.html: Legacy.Trojan.Agent-1388596 FOUND
/home/jail/srv/disk2/607840/www/vandait.com/cry.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/involved.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/blew.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/remain.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/components/com_kunena/media/css/Paris.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/components/com_finder/tables/template.php.infected: PHP.Shell-Obfsc-MASS-2.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/components/com_languages/models/strings.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/modules/mod_arkupdate/db91.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/plugins/editors/arkeditor/ckeditor/plugins/wsc/xeinit.php: PHP.SEO-Eval-1421946494.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/plugins/editors/arkeditor/ckeditor/plugins/specialchar/dialogs/disappear.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/plugins/system/webmastersiteverification/template.php: PHP.Shell-Obfsc-MASS-2.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/libraries/fof/hal/bvwhul/ydgav.php: PHP.HostingShell-7-GBLS-48.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/libraries/joomla/access/rule.php: PHP.Injection-1466600542-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/libraries/legacy/web/client.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/components/com_kunena/views/category/view.html.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/components/com_media/alias.php.infected: PHP.Shell-Obfsc-MASS-2.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/layouts/joomla/editors/buttons/footer3.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/layouts/joomla/system/bat.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/administrator/components/com_users/views/users/tmpl/block.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/libraries/pattemplate/patTemplate/xml.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/system/legacy/patfactory.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/editors/tinymce/jscripts/tiny_mce/plugins/inlinepopups/skins/clearlooks2/xe_php.php: PHP.SEO-Eval-1421946494.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/editors/tinymce/jscripts/tiny_mce/plugins/save/tears.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/content/blog.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/components/com_newsfeeds/views/xe_php.php: PHP.SEO-Eval-1421946494.UNOFFICIAL FOUND
SCAN SUMMARY
Infected files: 28
Until these are removed we cannot re-activate the website.
My host has notified me that my website is hacked and infected and has suspneded it. These are the 28 files that are infected. I have no idea what to do. Is there any way you can help me ? I am using architecture template.
Your account is currently used for hosting these viruses:
/home/jail/srv/disk2/607840/www/vandait.com/index.php: PHP.Backdoor-1455725738.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/home.bak.php: PHP.Injection-1471424340-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/googleee3155825f13b5bc.html: Legacy.Trojan.Agent-1388596 FOUND
/home/jail/srv/disk2/607840/www/vandait.com/cry.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/involved.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/blew.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/remain.php: PHP.Injection-1471423761-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/components/com_kunena/media/css/Paris.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/components/com_finder/tables/template.php.infected: PHP.Shell-Obfsc-MASS-2.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/components/com_languages/models/strings.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/administrator/modules/mod_arkupdate/db91.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/plugins/editors/arkeditor/ckeditor/plugins/wsc/xeinit.php: PHP.SEO-Eval-1421946494.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/plugins/editors/arkeditor/ckeditor/plugins/specialchar/dialogs/disappear.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/plugins/system/webmastersiteverification/template.php: PHP.Shell-Obfsc-MASS-2.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/libraries/fof/hal/bvwhul/ydgav.php: PHP.HostingShell-7-GBLS-48.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/libraries/joomla/access/rule.php: PHP.Injection-1466600542-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/libraries/legacy/web/client.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/components/com_kunena/views/category/view.html.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/components/com_media/alias.php.infected: PHP.Shell-Obfsc-MASS-2.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/layouts/joomla/editors/buttons/footer3.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/layouts/joomla/system/bat.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/administrator/components/com_users/views/users/tmpl/block.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/libraries/pattemplate/patTemplate/xml.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/system/legacy/patfactory.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/editors/tinymce/jscripts/tiny_mce/plugins/inlinepopups/skins/clearlooks2/xe_php.php: PHP.SEO-Eval-1421946494.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/editors/tinymce/jscripts/tiny_mce/plugins/save/tears.php.infected: PHP.Injection-1471426186-1-experimental.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/plugins/content/blog.php: PHP.Injection-1472114234-1.UNOFFICIAL FOUND
/home/jail/srv/disk2/607840/www/vandait.com/en/components/com_newsfeeds/views/xe_php.php: PHP.SEO-Eval-1421946494.UNOFFICIAL FOUND
SCAN SUMMARY
Infected files: 28
Until these are removed we cannot re-activate the website.
Please Log in to join the conversation.
-
milos
Support Staff -
- Moderator
-
Less
More
- Posts: 6777
- Thank you received: 720
8 years 5 months ago #46755
by milos
Replied by milos on topic joomla hacked
Hello,
Your server is obviously hacked. Hacking of server usually happens when you have outdated version of Joomla or old components on it. Template itself can't be hacked because it doesn't contain any complex code with possible security holes in it.
Also, if you are on a shared hosting, maybe your site is not hacked at all. Maybe another user's site, that's also on this server has been hacked. And, since your sites are on the same server, hackers got access of all sites hosted on this server.
Please contact hosting support. Only solution is to delete everything from the hosting space and restore site from backups. After this, make sure that backup doesn't contain viruses as well.
Thanks,
Milos
Your server is obviously hacked. Hacking of server usually happens when you have outdated version of Joomla or old components on it. Template itself can't be hacked because it doesn't contain any complex code with possible security holes in it.
Also, if you are on a shared hosting, maybe your site is not hacked at all. Maybe another user's site, that's also on this server has been hacked. And, since your sites are on the same server, hackers got access of all sites hosted on this server.
Please contact hosting support. Only solution is to delete everything from the hosting space and restore site from backups. After this, make sure that backup doesn't contain viruses as well.
Thanks,
Milos
Please Log in to join the conversation.
Time to create page: 0.146 seconds