ROCKETTHEME IS CLOSING ON JUNE 30, 2025. As a thank-you to our community, enjoy 50% off all themes with the promo code THANKYOU before we shut down.
Read our Farewell Blog Post for more details.
chasing down some vulnerabilities
-
-
- guragu
- Newbie
- Posts: 8
- Thanks: 0
-
I am trying to track down some potential causes of a malware attack on my site recently. I had both ADMIN (affinity) and front-end templates (mission control) somehow include some malware URL references to existing links.
I'm trying to track down the possible causes (injection from one of the other components I have installed was my first thought) but wondered with the noted issues on RokModule if there are any other people seeing similar attacks. (I think I did not upgrade RokModule correctly, btw -- I did not uninstall the old version first which was recommended under Joomla 1.5.xx)
Edited to Add: Since RokModule is on the list of vulnerable extensions, it may also be on the list that some hackers are using to probe joomla sites for vulnerabilities. It appears there is an active outbreak of this at a host that is generating repeated injection attempts at any known site.
Greg
-
-
-
- abercrombi
- Sr. Rocketeer
- Posts: 148
- Thanks: 0
-
Greg - if you didn't follow the instructions for installing the updated version of RokModule, it's likely that was the problem and shortcoming in your case...
Our of interest, what other components/extensions/plugins were you using at the time of the injection? I'd also be interested to know whether you'd made many core hacks.
TBH its not really fair that RT make us pay to use a vulnerable extension. :shock: - hunky dory!
-
Time to create page: 0.081 seconds