Need Help With tracking hacker [Q and A] - XOOPS Web Application System

1

Need Help With tracking hacker

2004/12/21 19:09
Catzwolf
Home away from home
Posts: 1392
Since: 2007/9/30

Gameinatrix.com Hacked

http://www.gameinatrix.com/

A friend of mines website was hacked today, I was wondering if anyone else has had theirs hacked by this group 'NeverEverNoSanity WebWorm generation 14.'?

It seems they uploaded the an index.html file to the upload folder of the site.

Any help would be helpfull

ATB

Catz

2

Re: Need Help With tracking hacker

2004/12/21 19:13
studioC
Friend of XOOPS
Posts: 922
Since: 2003/12/7

hello catz

perhaps this article will help you ?
http://www.kaspersky.com/news?id=156681162

michael

3

Re: Need Help With tracking hacker

2004/12/21 19:17
studioC
Friend of XOOPS
Posts: 922
Since: 2003/12/7

if he was using phpbb i found a workaround on viewtopic.php
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513

michael

4

Re: Need Help With tracking hacker

2004/12/21 19:20
Catzwolf
Home away from home
Posts: 1392
Since: 2007/9/30

Hey studioC,

Thanx for the heads up on this one.

From what I can see it states phpbb, yet this site uses the previous beta version off the new XOOPS forum.

So will this affect the newer release of the forum?

ATB

Catz

5

Re: Need Help With tracking hacker

2004/12/22 0:48
waterkid
Just popping in
Posts: 6
Since: 2004/12/7

My website was infected by this worm as well. Other xoopsters helped me understand the problem...basic lowdown...

The worm infects a server through the phpBB software (NOT newBB). From there it can infect other website files on that same server even if those accounts are not using phpBB.

Tell your friend to contact their web hosting service. They will most likely have to do a website restore from the latest backup. That hosting service will also need to find the source (those using phpBB) and fix the problem.

Waterkid

6

Re: Need Help With tracking hacker

2004/12/22 0:59
m0nty
XOOPS is my life!
Posts: 3337
Since: 2003/10/24

it also affects invision and vbulletin forums too from what i have read.. the php vulnerability allows the virus to traverse thru all the servers directories and overwrites all files that are 777 or 666 world writable..

Stats
Goal:	$100.00
Due Date:	Oct 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Need Help With tracking hacker

Re: Need Help With tracking hacker

Re: Need Help With tracking hacker

Re: Need Help With tracking hacker

Re: Need Help With tracking hacker

Re: Need Help With tracking hacker

Login

Search

Recent Posts

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Re: Help Needed with Custom Module Development in XOOPS

Re: Error in newbb - footer.php ligne 44

Re: Tuto/news: Old themes with XOOPS 2.5.11

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 search user is not working

Re: Suggetions for xmNews & xSitemap

Re: Error in newbb - footer.php ligne 44

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}