Simple Machines Community Forum

SMF Support => SMF 2.0.x Support => Topic started by: kainfax on January 13, 2011, 02:16:01 PM

Title: Rpcservers got hacked by metropolis
Post by: kainfax on January 13, 2011, 02:16:01 PM
Hello today we got hacked by metropolis

the txt was: Hacked by Metropolis, Just for fun, thank you google!
We use: SMF rc4
website: rpcservers.co.uk but the problem is fixed now.
but how did he hack ours forum ?

Thanks for reply
Title: Re: Rpcservers got hacked by metropolis
Post by: Illori on January 13, 2011, 02:22:51 PM
what mods do you have installed? do you have any other php apps running on your server? have you contacted your host about this?
Title: Re: Rpcservers got hacked by metropolis
Post by: IchBin™ on January 13, 2011, 05:14:45 PM
Are you on shared hosting? Often the cause is another account getting hacked which the hacker then uses that account to affect the other accounts.  Definitely contact your host, ask them if they know how/why it happened. If you still feel SMF was the culprit, feel free to submit to our security page.
http://www.simplemachines.org/about/security.php
Title: Re: Rpcservers got hacked by metropolis
Post by: kainfax on January 13, 2011, 06:33:17 PM
We using Simple portall
and SMF RC4 nothing more...
No I havent conateced my host about this, we are using Tmdhosting.com. i just reporting this becuase maybe your can do something about this, maybe fix this ect...

Thanks for fast reply.,
Title: Re: Rpcservers got hacked by metropolis
Post by: Illori on January 13, 2011, 07:48:07 PM
there are no known vulnerabilities in smf at this time. please request your host to look into the issue. if they can point it back to smf then fill out the form linked above.
Title: Re: Rpcservers got hacked by metropolis
Post by: CoreISP on January 14, 2011, 04:20:45 AM
Could you perhaps post a link to php info?

TMDHosting are oversellers, big time. As they apparantly dont know a hard drive has limits, perhaps they also dont know how to secure their server and your account was cracked due to  bad security policy and another client running something hackable.

This is not caused by SMF.
Title: Re: Rpcservers got hacked by metropolis
Post by: tumbleweed on January 14, 2011, 10:02:08 AM
here is a little reading for you
http://thehackermetropolis.wordpress.com/
Title: Re: Rpcservers got hacked by metropolis
Post by: Norv on January 14, 2011, 10:08:20 AM
This is not in SMF, indeed. If you google the message "Hacked by Metropolis" you may find PHP-Nuke among others, as well as sites downloading trojans on users' computers. (do NOT trust those saying they "found" a "security vulnerability on your computer", they're hoax. May be best to not access them at all, except from a very secure computer.)

Please do check with your host, as mentioned above.
Also do check your own computer, throughfully, as well as anyone's computer which has FTP access to your forum.

Cross-posted with tumbleweed: ah, thank you for the link.