1
Four years ago, I installed XOOPS as a CMS for a community sports club; I think it's version 1.7. Haven't upgraded it since then.
Yesterday, I visited that website and immediately my Firefox crashed and my anti-virus caught a trojan trying to infect my PC. After cleaning the mess up, I ftp to that website to figure out what happened.
I found that one file "mainfile.dist.php" was modified recently and one additional line was inserted after the php code. Below is that malicious line of code, don't click on it or it may infect your PC:
Hackers must have got in through a security hole somewhere and inserted that line.
That encounter certainly jolted me out of my comfort zone. Need to be more vigilant with security and keep my software up-to-date.
[EDIT by Mamba]: hackers code has been altered, so we are not another source of info for them