Topic: Hacked/exploited forum?

Hi,

we run a 1.2.15 version of punBB at www.hotsailsmaui.com/forum/ and it seem to have been hacked or exploited by cross-site scripting because the index.php reports there's a "<" too many (or something. I haven't delved into it yet) and two of the forum users report that they were prompted to download a PDF, which then were recognized as been infected with Trojan.Pidief.C by their AV SW.

Could someone here help me out what to do / start with?

BR
/Niclas

Re: Hacked/exploited forum?

Make a backup of database and files. Check your computer for viruses. Change the password of your FTP account. Then update the forum to version 1.2.21.

Re: Hacked/exploited forum?

Parpalak wrote:

Make a backup of database and files. Check your computer for viruses. Change the password of your FTP account. Then update the forum to version 1.2.21.

Ok, thanks. Not go all the way with 1.3.x?

Re: Hacked/exploited forum?

If you have a lot of mods installed it wouldn't be easy to upgrade to 1.3. Styles and mods for 1.2 are incompatible with 1.3. Read wiki articles or foorum discussions to make a decision.