
[not] Hacked 3.0.4

Posted: Fri Apr 27, 2012 4:14 am
by itchibahn
My forum has been hacked.

I just installed the latest version at the time, during January, v 3.0.4. Haven't advertised the site at all as it's still being worked on. Today, I decided to work on the site and all of a sudden, I have over 70,000 junk advertisement messages and over 8,000 users.

I can't believe someone would actually have time to register 8,000 fake users and post over 70,000 junk messages. This must have been automated somehow, which indicates a huge hole in this version.

I've tried to prune the messages, but got an error:
Fatal error: Out of memory (allocated 89653248) (tried to allocate 35 bytes) in /home/devildat/public_html/forum/includes/search/fulltext_native.php on line 1238.
There are a few legit posts, but I think it's best that I wipe and start over again with the current latest version. This is somewhat scary, is phpBB this easy to hack?

Has anyone been hacked with current version 2.0.10? What security measure should I take to avoid this from happening?

Re: Hacked 3.0.4

Posted: Fri Apr 27, 2012 4:20 am
by Erik Frèrejean
You are being targeted by a spam bot, which has nothing to do with security as they don't do anything they aren't allowed to do (register and post). Yes, it is annoying, but far from being hacked.
First of all, update to 3.0.10, as it contains far better anti-spam measures; after that, have a look at this topic.

Re: Hacked 3.0.4

Posted: Fri Apr 27, 2012 5:24 am
by Oyabun1
The version available from here in January was the latest version 3.0.10, so if the version you used was 3.0.4 it probably wasn't ours.

Unless you've done a lot of work on it you would probably be better off deleting the board and database and starting again with the Latest Version from here. Then immediately implement anti-spam measures such as those Erik pointed you to.

Re: Hacked 3.0.4

Posted: Fri Apr 27, 2012 3:23 pm
by Renji
Install Anti-Spam mod that works really super mind great :p

Re: Hacked 3.0.4

Posted: Fri Apr 27, 2012 3:27 pm
by Erik Frèrejean
Renji wrote: Install Anti-Spam mod that works really super mind great :p
You don't need any anti-spam MODs; as long as you properly configure the built-in system, spam isn't an issue unless you are really targeted. Potentially you can enable the newly registered users group to ensure that no spam gets publicly posted.

Re: [not] Hacked 3.0.4

Posted: Fri Apr 27, 2012 3:31 pm
by Renji
Well, that's not always possible, one of my friend's sites is having about more than 1298456 spam bots! Now tell me

Re: [not] Hacked 3.0.4

Posted: Fri Apr 27, 2012 10:03 pm
by Oyabun1
Renji wrote: Well, that's not always possible, one of my friend's sites is having about more than 1298456 spam bots! Now tell me
What's the address of that board?

Re: [not] Hacked 3.0.4

Posted: Fri Apr 27, 2012 10:45 pm
by CaNNon_
That is an interesting number, I'd like to know how you counted the spam bots?

Re: [not] Hacked 3.0.4

Posted: Sat Apr 28, 2012 5:19 am
by Renji
Sorry, same again, he is deleting all the bots.... When it's few I will send you a PM. 8-)

Re: [not] Hacked 3.0.4

Posted: Sat Apr 28, 2012 10:23 am
by KevC
To have that many it's likely the board was installed a few years ago and then just left. Sometimes it's simpler, especially if the content/real user list is very small and/or very old, to just delete the lot and start again.

Re: [not] Hacked 3.0.4

Posted: Sat Apr 28, 2012 10:30 am
by Renji
Neah, he installed last month.

Re: [not] Hacked 3.0.4

Posted: Sat Apr 28, 2012 10:36 am
by KevC
Never. I've seen popular, long established but abandoned boards getting hit every few minutes with no antispam measures and they're only on 50,000 accounts. You've got 1.2 million! Even if it was installed 8 weeks ago that's nearly 20 spambot registrations a minute.

If the board is that new, you might as well just delete it.

Re: [not] Hacked 3.0.4

Posted: Sat Apr 28, 2012 3:25 pm
by CaNNon_
You never replied as to how you counted them, I'd really like to know as it's something I could use.