Thread: malware detected

  1. #1
    PGD Community Manager AthenaOfDelphi's Avatar
    Don't worry about providing more information. I found the culprit and have removed it.

    If there are any further problems, please let us know.


    Thanks
    :: AthenaOfDelphi :: My Blog :: My Software ::

  2. #2
    Co-Founder / PGD Elder WILL's Avatar
    Great response everyone! I just found out this morning, but my own internet went down just as I was reading and couldn't attend to it myself. Thankfully Athena kicked its butt and we are now "as safe as houses" as I'm sure many of her fellow countrymen/women would say.
    Jason McMillen
    Pascal Game Development
    Co-Founder





  3. #3
    Quote: Originally Posted by AthenaOfDelphi
    Don't worry about providing more information. I found the culprit and have removed it.
    Can you be more specific on this please?

  4. #4
    PGD Community Manager AthenaOfDelphi's Avatar
    Quote: Originally Posted by SilverWarior
    Can you be more specific on this please?
    I can. Basically, an admin account was compromised and it was used to modify the templates to include a DIV containing an IFRAME that loaded from the site specified above. Removing this from the templates was easy (quick search and destroy) and then it was just a case of identifying the account and sorting that out. The account itself appears to have been the very first admin account that was set up when PGD was first born many years ago. It's been migrated from forum to forum. Neither WILL nor I use it, ever, so I guess we'd forgotten about it. It has had its password reset and it's undergone a permanent demotion to regular user.

    It wasn't a script based exploit that I'm aware of. I think it was a password hack job on something that is quite obviously an admin account.

    Anyhow, if we get any more similar occurrences, let WILL or me know and we'll get it sorted ASAP.
    :: AthenaOfDelphi :: My Blog :: My Software ::
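
Added example (not part of the thread and not any poster's code): post #4 describes cleaning up by searching the templates for the injected DIV/IFRAME. The Python script below does that search generically, flagging any tag in a template that loads content from a host outside an allowlist. The template names, hosts and sample markup are constructed, and it assumes the templates have already been exported as name/text pairs.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags that pull in remote content, and the attribute that carries the URL.
LOADERS = {"iframe": "src", "frame": "src", "script": "src",
           "embed": "src", "object": "data"}

class RemoteLoadFinder(HTMLParser):
    """Record every loader tag whose URL points at a host not in the allowlist."""
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.hits = []  # (line, tag, host)

    def handle_starttag(self, tag, attrs):
        attr = LOADERS.get(tag)
        if attr is None:
            return
        url = (dict(attrs).get(attr) or "").strip()
        try:
            host = urlparse(url).hostname  # None for relative (same-site) URLs
        except ValueError:
            host = "<unparseable>"         # malformed URL: report it anyway
        if host and host.lower() not in self.allowed:
            self.hits.append((self.getpos()[0], tag, host.lower()))

def scan_templates(templates, allowed_hosts):
    """Return [(template_name, line, tag, host)] for every off-site load."""
    findings = []
    for name, body in sorted(templates.items()):
        finder = RemoteLoadFinder(allowed_hosts)
        finder.feed(body)
        finder.close()
        findings += [(name, *hit) for hit in finder.hits]
    return findings

# Constructed sample templates (not taken from the affected site).
SAMPLE = {
    "header": '<div id="top">\n<script src="clientscript/menu.js"></script>\n</div>',
    "footer": '<div id="foot">\n<div><iframe src="http://injected.example.invalid/x" '
              'width="1" height="1"></iframe></div>\n</div>',
    "navbar": '<script src="//cdn.forum.example/js/nav.js"></script>',
}

if __name__ == "__main__":
    for finding in scan_templates(SAMPLE, {"cdn.forum.example"}):
        print("%s line %d: <%s> loads from %s" % finding)
```

Run on a schedule against a fresh export, with the allowlist kept to the hosts the site really embeds, any new finding is a template change worth reviewing.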

  5. #5
    Was this a vBulletin account or general site management account?
    I have done some searching and reading on the internet and from what I gathered GoDaddy doesn't have the best security for site administration. In the past there were lots of hacks done through hacking cPanel accounts. Some even suggest that cPanel security was so weak that it was possible to hack certain accounts by running brute force for password hacking. What worries me most is the fact some people say that GoDaddy has neglected many warnings from its users about security vulnerabilities that were found on their servers. In many cases GoDaddy administration has been blaming its customers for using outdated software which resulted in security vulnerabilities even if that wasn't true.

  6. #6
    PGD Community Manager AthenaOfDelphi's Avatar
    It was a vBulletin account that was compromised.
    :: AthenaOfDelphi :: My Blog :: My Software ::

  7. #7
    Oh good. I feared the worst.
    BTW do we have Site Scanner in our web hosting package? According to http://www.godaddy.com/security/website-security.aspx GoDaddy offers the ability for daily scanning of our site for various hacks. If we don't, maybe we should consider it. I know it costs some money but we might lose a lot of potential users if our site would present a security threat for their computers.
    Last edited by SilverWarior; 04-04-2012 at 07:23 PM.
