Question SMF2.0 b3.1

[RvG]

Is there any security breach in SMF 2.0 b3.1?

Is anybody experiencing this:

Password security has recently been upgraded. Please enter your password again.

I am trying to retrieve my passwords but emails are not sending I guess.

Are your experiencing somebody is hacking you? changing your passwords and email add? 

[Kindred]

it's not a hacking.

Are you running any bridges or integrations?

[RvG]

No hacks installed... I am already satisfied on new features of SMF 2.0

I need to retrieve passwords but SMF 2.0 is not sending passwords

[RvG]

anyone knows about this hacker?

Y0uR SITE IS OWNez By 3RROR.eXe

id
uid=0(Don't) gid=0(4get) grupos=0(Me),1(Never),2(3RROR.eXe),3(Morrocan),4(Defacer)

Nothing Was Deleted If You Want BACKUPS Contact Us

Why Your Site Is Hacked ?

Because America & Israel Kill Kids & We Kill Our Servers

[RvG]

I have two scripts installed on my domain one SMF and on vB 3.7

I am trying to find out which of these two scripts is being hacked.

[Kindred]

I suggest you contact your host and look at the access logs for your site(s).

If, after looking at the logs, you thing that you have a secuirty concern with smf, please report it to security at simplemachines dot org.

[karlbenson]

There are no known issues with SMF 2.0 beta 3.1.

[RvG]

the hacker is able to login in my cPanel... and edit all my files fortunately he's still not deleting all files.

why SMF is not sending emails by the way? I am trying to recover my password but it is not sent to my emails.

[SgtMic]

If he has access to your Cpanel, he may have made a new email.

[RvG]

correct. he even changed now the password of my main email in gmail. unfortunately I've used same password in my smf email and my email in gmail.

I deleted my vb files temporarily and kept smf only and host has given me now my new cpanel passwords just now the hacker had changed it again.

I am trying to believe that SMF has something to see and check on it.

BTW, I've been using SMF since 1.0.x and this happens only to me when I've used SMF 2.0

still not so sure but i hope it's not.

[RvG]

There are no known issues with SMF 2.0 beta 3.1.

You are right. It is the host (Cirtex) itself who's being hacked.

[SgtMic]

Sounds like it's time for a new host.

[SleePy]

RvG,

Is this issue resolved?
I would suggest maybe looking for a new host.

Though if your gmail password was changed, a while back (over many months ago) there was a security issue with gmail (I can't remember the details). It may have been possible he still had your login details from that.

If your gmail password was the same as your forum login and cpanel, I would really suggest using multiple passwords. Using the same password for everything only leads to issues where they can continue to gain access to where they shouldn't have it.

[Deprecated]

the hacker is able to login in my cPanel...

If you are referring to your ISP cPanel, then it has nothing to do with SMF. If you are no longer able to access your ISP cPanel, I suggest you telephone them and have them change your password for you.

As far as Gmail, don't use the same password globally. Choose a different password for EVERY site.

In the future you should ensure that you use a different password for every site so that a compromise at one site does not compromise other sites.

I very much doubt that your SMF 2.0 was the source of the breach.