- Category: 3rd-party Joomla!
Warning: Visiting this site may harm your computer!
The website at .....ru appears to host malware - software that can hurt your computer or otherwise operate without your consent. Just viisting a site that hosts malware can infect your computer.
For detailed information about the problems with this site, visit the Google Safe Browsing diagnostic page for this address
I understand that visiting this site may harm my computer.
Even if you use the latest versions of Community Builder (v1.2) and Joomla (v1.0.14) then you're vulnerable to a hack. Watch for users signing up with the .ru top-level domain as they love playing this about and giving all russians a bad name on the net.
If you visit your site and receive either the above error or the alert that a malware was detected: congratulations! you've been hacked.
So first of all check that this is not just a hack to your index.html file in your web root folder (you may find a .heder.php file as well in your webroot as well as some strange index files with strange naming conventions (eg. xzcseifs_kdiek.html) which shouldn't be there either). You'll need to remove these and restore your website. I'd suggest joomlapack if you're using a joomla site, backup just the database, do a fresh install of joomla and use the database sql file as the migration script.
There are some more details of prevous CB hacks in the Joomla forum (source: http://forum.joomla.org/viewtopic.php?t=84436) .
In fact, there are quite a few vulnerabilities my scanners have picked up on and so I'll be posting solutions for those who need to keep Community Builder as their user manager. There are several things I have picked up which I will go into more detail as I test each one (11.11.09):
- variable mosConfig_absolute_path
- allow_url_fopen = Off
Hacking, XSS & SQL-Injections.