PBTech

My PBTech installation was hacked - PBTech

My PBTech installation was hacked

by ALC2015 » Sat Jul 21, 2018 12:16 pm

Hi all. A quick alert to those using this cool style. I have been using PBTech on my forum for several years without incident. I was running PBTech with my own image set and some custom adjustments on PhpBB 3.1.3. The only reason I have not upgraded to PhpBB 3.2 is to keep PBTech going ;)

Yesterday (July 20) my PBTech installation was hacked. Someone was able to install a directory labelled ‘update’ and a file ‘update.php’ inside the pbtech directory. No one other than me manages my website or has access to it other than as a board user, and new registrations require admin approval.

I received an email alert from the Google Search Console Team to advise me that ‘Social engineering content’ had been detected on my website, listing a url ending in …pbtech/update, and google had downgraded my website and partially blocked it with a warning. Rather annoying.
The ‘update’directory and been installed on that day, so google found it immediately.
The PBTech installation I was using does not have an ‘update’ directory.

I would advise anyone running older versions of PBTech to check for this ‘update’ directory and its associated update.php file.

I shall investigate using the wow Style instead, or simply stop using styles.

A pity we live in such a world where our work is subject to constant attack.
ALC2015
Registered User
Posts: 5
Joined: Mon Feb 09, 2015 5:55 pm