[solved] Has My Site Been Hacked?

wendys_whimseys · Posted: Tue Sep 15, 2009 6:12 pm Post subject: [solved] Has My Site Been Hacked?

Hello Everyone,

I'm new to the Forum... because my installation and use of Dragonfly CMS went so smoothly, that I haven't had any real issues... until now... Shocked

On August 14th, when I visited my website... I received a Trojan Alert message from Windows Live OneCare. I've attached a screenshot of the alert, below.

Now I'm wondering if my site's been hacked and a Trojan has been embedded? I've looked through the source code and couldn't find any unusual scripts... but I'm not even sure where I should be looking? Confused

So I guess these are my questions:

1 - Is it possible for someone to hack Dragonfly CMS and embed a Trojan in my website?

2 - If so... is there any way to find the area that was hacked and fix it?

3 - Are there any security measures I can take to keep my site from being hacked again?

I'm going to provide a link to my site... but you should only click on the link, if you have security software that will detect and remove a Trojan (as I do).

If anyone could take a look at my site and let me know what they can find, I'd appreciate your help:

aceoaddix.com/

Thanks so much! Very Happy

Dizfunkshunal · Posted: Tue Sep 15, 2009 10:57 pm Post subject: Re: Has My Site Been Hacked?

1. Yes it is possable but highly unlikely. If you did get hacked 9 times out of 10 they found a weak spot on your server.
2. Search your logs all of them. For now tho i would recommend uploading a clean copy of all your files over writing the current ones.
3. Yes, but first need to find out what the problem is to figure out what needs to be done to secure it.

I dont see a screenshot?

NanoCaiordo · Posted: Wed Sep 16, 2009 7:57 am Post subject: Re: Has My Site Been Hacked?

"On August 14th" and you register/report now ... take your time mate Wink

Anyway, unless you run your own modules or 3rd party untrusted modules, the only way to hack your website is from inside your server.

wendys_whimseys · Posted: Wed Sep 16, 2009 10:30 am Post subject: Re: Has My Site Been Hacked?

I attached a JPEG of the screenshot, but the attachment isn't showing in my first post... Confused

So here it is again:

However... I have a Co-Admin, who has more experience with DF... and she seems to have fixed the issue. Very Happy

When I find out what happened and how she fixed it, I'll share the info here and see what you guys think.

Thanks for your help! Very Happy

wendys_whimseys · Posted: Thu Sep 17, 2009 8:14 pm Post subject: Re: Has My Site Been Hacked?

OK... looks like the free plugboard that I was using from PlugMe.net was generating the Trojan alert.

I've been using that service for almost a year, with no problems... they must have just changed the script or maybe it's a new glitch with OneCare... Confused

Either way... I switched to a plug script from Plugboard.org and the Trojan warnings are gone.

Thanks for your help! Very Happy