News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

Joomla site - Hacked

Started by Storman™, August 18, 2007, 07:11:52 AM

Previous topic - Next topic

Storman™

Bit off topic I know but looks like the Joomla site has been hacked.

http://joomla.org

That's not good  :(

babjusi

It doesn''t look like hacking to me. Maybe they are doing some maintenance, at least that is what it says there:

Joomla!
joomla.org is down for temporary maintenance.
We will be back online very shortly.

Dragooon

I have seen this before.
They keep doing this. It is not hacked lol.

Storman™

No, they have put it into maintenance mode now but it did say:


Template File Not Found! Looking for template:
Hacked M3rhametsiz & Zorbey


anna.young

It must be VERY embarrassing after all their talk about security and  changing files so bridge would not work...  Wonder what version they were using...

Rather funny that their SMF Forum works well on the subdomain...  ;)

Anna




Toronto German Shepherd Dog Rescue

"Here's to the crazy ones, the misfits, the rebels, the troublemakers, the round pegs in the square holes... the ones who see things differently -- they're not fond of rules... You can quote them, disagree with them, glorify or vilify them, but the only thing you can't do is ignore them because they change things... they push the human race forward, and while some may see them as the crazy ones, we see genius, because the ones who are crazy enough to think that they can change the world, are the ones who do." (SJ)

Raul Dias

Security almost comes to zero when you have a shared hosting environment and upload your php files (components/mods/plugins) thru HTTP.
Not mattering how secure the php app is.

gasg

Quote from: babjusi on August 18, 2007, 07:13:41 AM
It doesn''t look like hacking to me. Maybe they are doing some maintenance, at least that is what it says there:

Joomla!
joomla.org is down for temporary maintenance.
We will be back online very shortly.
Yes it's been hacked today, by replacing the Andrew Eddie immage with a Terrorist Immage, now it's fixed again

gasg

Some days a go Joomlaart site as been hacked too

Kindred

Quote from: storman on August 18, 2007, 07:23:34 AM
Confirmed here:

http://forum.joomla.org/index.php/topic,203015.0.html

;)

hmmm... that thread appears to have been removed.   Anyone got a copy of the post/thread?
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Omega X

So much for the "Joomla has no known vulnerabilities" mumbo jumbo that they always spew.

anna.young

Quote from: Kindred on August 18, 2007, 02:53:06 PM
Quote from: storman on August 18, 2007, 07:23:34 AM
Confirmed here:
http://forum.joomla.org/index.php/topic,203015.0.html

;)

hmmm... that thread appears to have been removed.   Anyone got a copy of the post/thread?

No, I don't, but this is an attachment that someone posted there:

-->

Wanted to post it here, but thought at the time it would be in bad taste... Now I think that removing the thread, though perfectly 'legal', is in bad taste...  ;) 

Anna

Toronto German Shepherd Dog Rescue

"Here's to the crazy ones, the misfits, the rebels, the troublemakers, the round pegs in the square holes... the ones who see things differently -- they're not fond of rules... You can quote them, disagree with them, glorify or vilify them, but the only thing you can't do is ignore them because they change things... they push the human race forward, and while some may see them as the crazy ones, we see genius, because the ones who are crazy enough to think that they can change the world, are the ones who do." (SJ)

anna.young

Toronto German Shepherd Dog Rescue

"Here's to the crazy ones, the misfits, the rebels, the troublemakers, the round pegs in the square holes... the ones who see things differently -- they're not fond of rules... You can quote them, disagree with them, glorify or vilify them, but the only thing you can't do is ignore them because they change things... they push the human race forward, and while some may see them as the crazy ones, we see genius, because the ones who are crazy enough to think that they can change the world, are the ones who do." (SJ)

gasg

I don't remember now where (I don't post it anyway), but the vulnerabilities and the mode how to hack has published on the net, who read this and who have the site based on Joomla! 1.0.13 want to have fear for defaced.

gasg

#14

Dragooon


babjusi


Dragooon

I never said It is cool, It is funny :P

AmyStephen

#18
Schadenfreude. Did you know that biographies of Hitler indicate that was the only type of humor he had? Pleasure in the misfortune of others.

Louis Landry reported on the cause and resolution of the security issue, including an open and honest discussion of why it took so long to resolve and what was done wrong at Joomla org. I respect that. Thankfully, it was a custom component that had not been released. That makes *me* feel much better knowing others are not at risk.

All projects have had security issues and difficult challenges. This is always a good time to remember to do our backups and make certain we are running current levels of software. Being "Powered by SMF 1.1 RC1," for example, could be an accident waiting to happen and VERY embarrassing, indeed, after being involved in a conversation like this one, to have others find *we* have been lax tending to our own little site.

Truly, bad things happening to others doesn't improve our lives, at all. It is a life lived well that brings true happiness. I wish for each of you those things.
Amy :)

青山 素子

Quote from: AmyStephen on August 19, 2007, 10:12:36 AM
Louis Landry reported on the cause and resolution of the security issue, including an open and honest discussion of why it took so long to resolve and what was done wrong at Joomla org. I respect that. Thankfully, it was a custom component that had not been released. That makes *me* feel much better knowing others are not at risk.

Agreed. If it was a flaw in the core of Joomla!, that would have been very bad. Certainly not something you'd want to wish on anyone.


Quote from: AmyStephen on August 19, 2007, 10:12:36 AM
All projects have had security issues and difficult challenges. This is always a good time to remember to do our backups and make certain we are running current levels of software. Being "Powered by SMF 1.1 RC1," for example, could be an accident waiting to happen and VERY embarrassing, indeed, after being involved in a conversation like this one, to have others find *we* have been lax tending to our own little site.

Agreed. Upgrades should be evaluated for their impact on systems and deployed as soon as possible.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.


Advertisement: