I can. Basically, an admin account was compromised and it was used to modify the templates to include a DIV containing an IFRAME that loaded from the site specified above. Removing this from the templates was easy (quick search and destroy) and then it was just a case of identifying the account and sorting that out. The account itself appears to have been the very first admin account that was setup when PGD was first born many years ago. It's been migrated from forum to forum. Neither WILL or I use it, ever, so I guess we'd forgotten about it. It has had it's password reset and it's undergone a permanent demotion to regular user.Originally Posted by SilverWarior
It wasn't a script based exploit that I'm aware of. I think it was a password hack job on something that is quite obviously an admin account.
Anyhow, if we get any more similar occurrences, let WILL or I know and we'll get it sorted ASAP.
Reply With Quote
Bookmarks