I've been hacked!

[Gideon70]

I was working on my site today, and all of a sudden I started to see advertisements in the backend! They are also in the frontend now, and seem to be independant of Joomla. THe site is http://www.daytonagun owners.com and I'm wondering if anyone else has had this happen to them? I need to get this garbage off my site!

Okay, more info.

The advertisements popped up in the frontend and that backend, and were no more than a simple line of ads that worked like some of the news sliders. It was in the left breadcrumb position, I think... firebug wasn't able to ID the position for some reason.

I reloaded the page, and shut everything down then restarted, and it was gone. Or at least it wasn't running on the reload.

Again, anyone else had this happen?

[waarnemer]

cheap hosting... cheap message....

[webreplicator]

I wonder why your site has been hacked.

[webvirtuoso]

Is you using a free hosting account?

[Queasy]

Why wouldn't you take it offline if you've been hacked?

Restore it then update joomla and get a different hosting provider with better protection.

[cmshelplive]

As per the other comments, the fault most probably lies with server security. You should read out the terms from service provider carefully before signing up. A better known hosts should be preferable choice.

[mandville]

It doesn't matter why and it can happen on free or expensive.
Follow the steps here http://forum.joomla.org/viewtopic.php?f=714&t=757645

[sitesrus]

Having advertising on your site isn't the same as being hacked...that's an extreme term that gets used loosely. Just some suggestions below.

If you "ripped" third party software off the internet than expect it to be compromised or have links/ads embedded in it...if it just showed up one day I find it strange that it would just be advertising and not a breach of data or be of compromising nature to the site itself (for example someone gaining access just to advertise seems strange).

But who knows, it sounds like it could be related to an install or a modification to the site. Either way you should keep in mind,

Cloudflare is great and has a free plan (excellent for security)

Maybe make it harder to access the admin backend so people don't try bruteforcing (plugins for that)

Only use reputable software from reputable sources, no pirating

Use updated PHP versions, mod suhosin, and if you're stuck on shared hosting investigate better hosting providers

Keep joomla and extensions up to date with bug fixes, security patches, and etc.

Routinely back up joomla so worst case scenario is reverting file system back to stable safer state and investigate issues

[cmshelplive]

And you may also find this article useful:

http://www.ehow.com/how_8106380_can-rem ... bsite.html