JoomlaCode.org Website Hacked - Blocked by LiquidWeb

If you have any 'mechanical' forge related issues/suggestions, pop them in here.
Locked
holodyn
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Oct 16, 2013 1:25 am

JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by holodyn » Wed Oct 16, 2013 1:39 am

We are a small hosting company that recently started migrating several Joomla account over to a LiquidWeb dedicated server, only to learn that LiquidWeb is blocking outbound access to JOOMLACODE.ORG because it is listed on the http://www.malwaredomains.com/ website - apparently a fairly reputable source for disingenuous websites.

Obviously JoomlaCode.org is a reputable and necessary site for Joomla run websites, however LiquidWeb is accurate when stating that the site has been compromised. According to a scan performed by urlquery.net there are several /user/ pages that have some TDR on-screen javascript exploit. Example:
http://urlquery.net/report.php?id=6716170

Joomla Team - Please fix or just disable the /user/ section of joomlacode.org - let the site be solely dedicated to updates. I assume that LiquidWeb is not the only ones that are blindly following lists like that found on malwaredomains.com.

Thank you in advance.
Last edited by ChiefGoFor on Wed Oct 23, 2013 1:52 am, edited 2 times in total.
Reason: Moved the topic from the forum Security in Joomla! 2.5 to the forum JoomlaCode.org

User avatar
alikon
Joomla! Champion
Joomla! Champion
Posts: 5941
Joined: Fri Aug 19, 2005 10:46 am
Location: Roma
Contact:

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by alikon » Thu Oct 17, 2013 4:51 am

recently i've experience quite the same with a cisco software wich block JoomlaCode.org
Nicola Galgano
i know that i don't know
www.alikonweb.it

User avatar
ChiefGoFor
Joomla! Champion
Joomla! Champion
Posts: 5614
Joined: Tue Sep 13, 2005 12:22 am
Location: Omaha, Nebraska, USA
Contact:

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by ChiefGoFor » Mon Oct 21, 2013 1:16 am

Thank you for reporting this. This issue was corrected on Friday. The offending file was removed and the user was suspended.

Thank you again!
Joomla! ...because open source matters
"Try to answer two questions for every one question you ask." - Me

User avatar
alikon
Joomla! Champion
Joomla! Champion
Posts: 5941
Joined: Fri Aug 19, 2005 10:46 am
Location: Roma
Contact:

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by alikon » Mon Oct 21, 2013 5:22 pm

can confirm now no more blocked
Nicola Galgano
i know that i don't know
www.alikonweb.it

User avatar
ChiefGoFor
Joomla! Champion
Joomla! Champion
Posts: 5614
Joined: Tue Sep 13, 2005 12:22 am
Location: Omaha, Nebraska, USA
Contact:

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by ChiefGoFor » Wed Oct 23, 2013 1:53 am

Thank you!

I marked the first post in this thread as solved.
Joomla! ...because open source matters
"Try to answer two questions for every one question you ask." - Me

User avatar
essiele
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Mon Oct 03, 2011 9:52 am

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by essiele » Sat Oct 26, 2013 3:39 pm

Kenneth and Alikon,

I'm afraid the website has again been hacked, as I am getting a message on my screen that it's blocked due to possible malware.
Ess'iele
... seeing things.

User avatar
ChiefGoFor
Joomla! Champion
Joomla! Champion
Posts: 5614
Joined: Tue Sep 13, 2005 12:22 am
Location: Omaha, Nebraska, USA
Contact:

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by ChiefGoFor » Mon Oct 28, 2013 2:14 am

Ess'iele,

I'm not sure about the copy of Joomla on cNet. We can not guarantee the integrity of those files.

That said, the notice that you are getting has to do with a file that a user uploaded to JoomlaCode and was not part of the Joomla package.

Example:

Let's say that you wanted to create an extension. You could create an account on JoomlaCode and use it to distribute your files. Let's say that you decide to upload a file that redirects users to a some website that sells pharmaceuticals. That would be a file within your JoomlaCode account. It would not affect the integrity of Joomla's files nor the files belonging to other users.

That is exactly what happened here. Unfortunately, the software you mentioned (Comodo) is unable to see the difference. Where where they site, it is all the same site.

The file has been removed and the offending user has been banned from JoomlaCode.

I hope that makes sense and helps others understand what happened.
Joomla! ...because open source matters
"Try to answer two questions for every one question you ask." - Me

User avatar
essiele
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Mon Oct 03, 2011 9:52 am

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by essiele » Mon Oct 28, 2013 3:57 pm

Many thanks for the explanation, KC. It's very much appreciated.

Regards,

Ess
Ess'iele
... seeing things.

ralain
Joomla! Explorer
Joomla! Explorer
Posts: 292
Joined: Wed Mar 14, 2012 10:25 am
Location: Randers, Denmark

Re: JoomlaCode.org Website Hacked - Blocked by LiquidWeb

Post by ralain » Thu Nov 07, 2013 4:01 pm

LiquidWeb has once again blocked joomlacode.org. :(
LiquidWeb wrote:Right now we have this domain resolving to this IP for security measures. This is why there is a difference in the IPs. The site joomlacode.org right now is listed at :

http://www.malwaredomains.com/

It has been known to spread malware and possibly infect machines. As a security measure we use lists at a few locations to protect customer from known attack vectors.
Saludos,
Alain


Locked

Return to “JoomlaCode.org”