For information of forum users:
On May 31, 22:20 o'clock (CEST), this forum site was hacked (even with an up to date web server and forum software).
Many PHP files were manipulated (mostly advertising should be displayed while visiting the web site). But the manipulation created invalid PHP code, so in most cases the web server never delivered the forum site.
A backup of all files from Thursday to Friday night was restored, all manipulated files were overwritten by doing this. The forum database was not changed after comparing with an older backup. Forum posts are not lost, everything is back.
We don't know, if any information was read from the database. If this was done, so user passwords are not in immediately danger, because they are saved hashed and salted in the database. But it could be possible that the forum users' email addresses are known to the attacker.
---
Many thanks to our excellent forum administrator Stefan, who quickly reacted to this incident!!
Gert
On May 31, 22:20 o'clock (CEST), this forum site was hacked (even with an up to date web server and forum software).
Many PHP files were manipulated (mostly advertising should be displayed while visiting the web site). But the manipulation created invalid PHP code, so in most cases the web server never delivered the forum site.
A backup of all files from Thursday to Friday night was restored, all manipulated files were overwritten by doing this. The forum database was not changed after comparing with an older backup. Forum posts are not lost, everything is back.
We don't know, if any information was read from the database. If this was done, so user passwords are not in immediately danger, because they are saved hashed and salted in the database. But it could be possible that the forum users' email addresses are known to the attacker.
---
Many thanks to our excellent forum administrator Stefan, who quickly reacted to this incident!!
Gert