Hello today we got hacked by metropolis
the txt was: Hacked by Metropolis, Just for fun, thank you google!
We use: SMF rc4
website: rpcservers.co.uk but the problem is fixed now.
but how did he hack ours forum ?
Thanks for reply
what mods do you have installed? do you have any other php apps running on your server? have you contacted your host about this?
Are you on shared hosting? Often the cause is another account getting hacked which the hacker then uses that account to affect the other accounts. Definitely contact your host, ask them if they know how/why it happened. If you still feel SMF was the culprit, feel free to submit to our security page.
http://www.simplemachines.org/about/security.php
We using Simple portall
and SMF RC4 nothing more...
No I havent conateced my host about this, we are using Tmdhosting.com. i just reporting this becuase maybe your can do something about this, maybe fix this ect...
Thanks for fast reply.,
there are no known vulnerabilities in smf at this time. please request your host to look into the issue. if they can point it back to smf then fill out the form linked above.
Could you perhaps post a link to php info?
TMDHosting are oversellers, big time. As they apparantly dont know a hard drive has limits, perhaps they also dont know how to secure their server and your account was cracked due to bad security policy and another client running something hackable.
This is not caused by SMF.
here is a little reading for you
http://thehackermetropolis.wordpress.com/
This is not in SMF, indeed. If you google the message "Hacked by Metropolis" you may find PHP-Nuke among others, as well as sites downloading trojans on users' computers. (do NOT trust those saying they "found" a "security vulnerability on your computer", they're hoax. May be best to not access them at all, except from a very secure computer.)
Please do check with your host, as mentioned above.
Also do check your own computer, throughfully, as well as anyone's computer which has FTP access to your forum.
Cross-posted with tumbleweed: ah, thank you for the link.