My Joomla 1.5 web site was hacked

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Locked
andrea2002
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Thu Jul 14, 2016 9:03 am

My Joomla 1.5 web site was hacked

Post by andrea2002 » Thu Jul 14, 2016 9:46 am

Nice day to all!

I'm trying to clean my Joomla 1.5 web site from hack.
If you check Google serps you may see this: http://b*i*t.ly/29UoshO

It is potitive to "v*i*a*g*r*a" and "c*i*a*l*i*s".

I did these things:

- I changed htaccess with a new clean file;

- I blocked the new registers;

- I changed administrator's login and password;

- I change login/administrator URL with htaccess script;

- I run "fpa-en.php" and I got the report I'm attaching:
here is its report: http://b*i*t.ly/2abR3OI

- I tryed to looking for the changed files via FTP but is too difficult;
but it's been too long since what has happened the fact.

I'll be gratefull for any information helpful, to solve my problem
Regards
Andrew

User avatar
dhuelsmann
Joomla! Master
Joomla! Master
Posts: 19646
Joined: Sun Oct 02, 2005 12:50 am
Location: Omaha, NE
Contact:

Re: My Joomla 1.5 web site was hacked

Post by dhuelsmann » Thu Jul 14, 2016 11:10 am

First off follow this checklist completely. There are no shortcuts. https://docs.joomla.org/Security_and_Pe ... ow_what.3F
Second Joomla 1.5.26 reached end of life in September 2012. You would be much better off installing a brand new Joomla 3.6 site.
Regards, Dave
Past Treasurer Open Source Matters, Inc.
Past Global Moderator
http://www.kiwaniswest.org

User avatar
sozzled
Joomla! Champion
Joomla! Champion
Posts: 5860
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia
Contact:

Re: My Joomla 1.5 web site was hacked

Post by sozzled » Thu Jul 14, 2016 11:15 am

@andrea2002: As this is your first post on the forum, we will try to be gentle. I want to make four points:

1) I am very sorry to hear that your website has been hacked.

2) I cannot read any of the information in the "fpa-en.php" image you posted and it probably doesn't really matter.

3) My advice is to restore your site from the last known good backup made before the hack took place.

4) Even if you are able to restore your site successfully it will probably be hacked again (and again) and that is the number one reason to not use J! 1.5.

Perhaps this is not the "helfpul" information you want to hear but it's probably the best advice you will get. You have my condolences for your loss but that's what happens when people use software that is vulnerable to attack. J! 1.5 has not been updated or maintained for over four years.

Good luck
https://www.kuneze.com/blog
Former member of Kunena project team
If you think I’m wrong then say “I think you're wrong.” If you say “You’re wrong!”, how do you know?

andrea2002
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Thu Jul 14, 2016 9:03 am

Re: My Joomla 1.5 web site was hacked

Post by andrea2002 » Thu Jul 14, 2016 11:47 am

Thank you to everyone for usefull information.
I'll follow them.
regrads
Andrew


Locked

Return to “Security in Joomla! 1.5”