Page 1 of 1

Site hacked due to Google Maps plugin vulnerability?

Posted: Mon Dec 22, 2014 7:09 am
by BMM01
My host says that my site was hacked due to a vulnerability in the reumertech Google Maps plugin:

This is from the server logs:

* About to connect() to tracker.sceneaccess.org port 80 (#0)
* Trying 5.196.13.202... * connected
> GET / HTTP/1.1
Host: tracker.sceneaccess.org
Accept: */*
Content-type: text/xml
Content-length: 0

< HTTP/1.1 301 Moved Permanently
< Server: nginx
< Date: Fri, 19 Dec 2014 04:48:32 GMT
< Content-Type: text/html
< Content-Length: 178
< Connection: keep-alive
< Location: https://sceneaccess.eu/
<
* Connection #0 to host tracker.sceneaccess.org left intact
* Closing connection #0


The host fixed the problem by closing down access to public_html/plugins/system/plugin_googlemap3

Is there anything else I can do to stop this happening again or combat future attacks?

Thanks in advance
Brett

Re: Site hacked due to Google Maps plugin vulnerability?

Posted: Mon Dec 22, 2014 8:14 am
by pe7er
BMM01 wrote:Is there anything else I can do to stop this happening again or combat future attacks?
Yes, keep Joomla & all 3rd party extensions up to date.

and https://docs.joomla.org/Security_Checklist