All Site passwords changed

wstream

• December 04, 2013 02:09

Hi All I need some info and help We have a dedicated server witha handfull of joomla sites and 1 wordpress site. last night we had the wordpress site hacked. As a result all other sites that are joomla had their user table - user passwords chaged and privelages changed to superadmin. Whats puzzling me is how they were able to change passwords on other databases in the same server. At worst they could have got hold of the DB password for the wordpress database but not the others. so how would they have changed the data on the other db's In order to protect against this happening again ill need to determin the route taken. Any help or pointers greatly appreciated. Thanks Ash

• 

  cPanelMichael

  • December 04, 2013 14:25

  Hello :) I have moved this thread to the "Security" forum. You should receive more user feedback here. Also, the following thread may be helpful: My dedicated server hackers can drop database tables Thank you.

  0
• 

  quizknows

  • December 04, 2013 21:39

  You got hit with a symlink hack.

  0
• 

  wstream

  • December 06, 2013 04:28

  Hi Michael - thanks for the move Quizknows - thanks for the reply - yup looks like thats what happened - have applied RUID2 and JailShell Thanks again guys Ash

  0

Please sign in to leave a comment.