[AlaskaRC] Unwelcome website "help"

Tom Simes simestd at netexpress.com
Fri Jun 11 17:40:52 AKDT 2010

On 6/8/10 11:05 PM, Tom Simes wrote:
> Hello all,
> On June 7th someone vandalized the ARCS website. I've archived the files
> used in the defacement and have started a restore from backup. I'm not
> sure how long the restore will take, but once the restore is finished,
> I'll be changing the admin passwords and upgrading to the latest version
> of Joomla. I suspect the compromise was via a security flaw in Joomla.
> No personal or financial information is stored on the website, beyond
> what is in the club roster (name and phone number) and the treasurer's
> report so this is really more of an annoyance than anything.

The website has been vandalized again (this is the 3rd time in four 
days).  The same files and scripts were deposited, and the Joomla 
installation was deleted.  After the second compromise, I thought I had 
found out how it was being done so I changed the passwords, restored the 
content from backup and upgraded to the most recent version of Joomla. 
Now that it's happened a 3rd time, repairing / delousing it is going to 
have to wait until I get back from vacation on Sunday and can work on it.



    "Z-80 system stack overflow.  Shut 'er down Scotty, the system's
          sucking mud" - Error message on TRS 80 Model-16B

Tom Simes                                       simestd at netexpress.com

More information about the AlaskaRC mailing list