Hacked B2evolution
I got some spam on a forum that appeared to be for a hacked website. It turned out to be a blog community running a modified B2evolution. The spammers had hacked index.php, and made redirects by using URL’s along this pattern: index.php?xanax#3
That particular website has been notifed, and has removed the hacked code.
I haven’t found any other websites compromised that same way, but that doesn’t mean there’s nothing like it out there.
April 21st, 2007 at 9:33 am
These days hackers do not deface the main page to put “hacked by” and gain respect. They hack a server/website and keep it secret until they gather enough servers to set up phish sites or other stuff that would make them money. They use well known unpatched flaws in Joomla, Wordpress, phpBB, phpMyAdmin - PHP injection, SQL injection, cross site scripting etc.
April 21st, 2007 at 3:30 pm
Hi,
Is this B2evolution hack a single site being hacked or proof of a vulnerability inside B2evolution?
Thanks
April 21st, 2007 at 3:53 pm
To Henrik:
I don’t know. That was a modifed installation, so it’s really up to the owner of that service and the B2evolution developers to figure it out together.
Did you know the domain you’re using in your address is for sale?
April 22nd, 2007 at 5:46 am
Yes, I do know that it’s listed over at Sedo, but it’s not for sale!
Back on “topic”; There’s been quite a lot of security buzz around blog-software. Just look at what happened to Wordpress some month ago. It is natural that crackers try to get inside people’s blogs, as blogs gets a lot of traffic over “regular” websites as well as it’s being a widely spread software to target. (sort of the whole windows vs mac cracking discussion)
May 25th, 2007 at 12:34 am
I’ve post a long comment, but it didn’t appear.
Can you please check your spam filter and find my comment?
It’s from same name, RenĂ©.