13 years 1 day ago
This is not funny actually - Yesterday I received this email from from my joomla ISP.
"Hi,
We got a notification from a 3rd party company that your website was
compromised. When we investigated the accident we found that an intruder
had logged into your account over FTP and uploaded various files into
your account to use it in illegal spectrum. It was done on Apr 9 00:48:10. The
illegal files had been uploaded into:
/home/*****.net//public_html/deepens
To clean your website we removed the illegal content and reset your
cPanel/FTP password to:
However you need to do the
following in order to solve the problem completely.
1. Check all computers used by you to manage the website/account using
some latest antivirus software and remove all viruses/trojans if
something is detected.
2. Log into your cPanel( and sitebuilder ) from a clean computer and
reset your cPanel/FTP/Mail and sitebuilder passwords to something hard
guessed like
S893jc&4"
Thing is my FTP password was 18 chars long, and much of just random letters and numbers. Looking at the FTP logs I noticed that there were over 18,000 hits around April 9th, coming from a Russion porn site. I also noticed that around 10 obvious fake users registered at my brand new site. I have since disabled this JB feature. I am now not sure what to do with the Login screen in JB templates.
Anybody else?? Suggestions?