[TYPO3-dev] Hacked TYPO3 Sites
Stefan Beylen
intsys at swissinfo.org
Tue Jul 31 12:06:44 CEST 2007
Hi!
As two of my sites got hacked recently (one of them two times) I am
asking if anybody has heard of such a case like mine.
The two sites are completely different organizations and in no relation
with each other.
one runs on 3.8.1, the other one on 4.1
apparently system commands are executed to add javascript/php/whatever
to files (.js,.php). last time code was injected into localconf.php that
echoed some weird text and a link and turned error_reporting off, before
that javascript was added to a typo3temp js file that output an iframe
to some weird site (this site was throwing a 404)
there are hundreds more of TYPO3 sites on the provider, so I /guess/
this got nothing to do with him.
as I said the two sites of mine got no relation apart from being on the
same providers webspace. also there are no extensions that are used on
*both* installations apart from the usual suspects like rthtmlarea,
css_styled_content, dmail,...
If anybody knows whats going on here please inform me, and if someone
heard of such cases feel free to contact me (also offlist)
If you want more information like installed extensions -> offlist
thx!
More information about the TYPO3-dev
mailing list