Got GO hacked, please beware.

Get help from the community here.

Moderator: Developers

Posts: 3
Joined: Fri Feb 24, 2012 11:55 am

Got GO hacked, please beware.

Postby Mzamaraev » Wed Feb 17, 2016 10:51 am

Hi, I need an advice.
Got GO 6.1.14 on my linux hosting, but yesterday the site became unavailable for users. Logs said that Symantec Endpoint Protection blocked the session due to "Nuclear Exploit Kit Redirect 4" detection. My GO site gives me the popup message "Could not load the application javascripts. Check the "host" property in config.php and see if the "file_storage_path" folder and it's contents are writable" (for Mozilla browser, IE simply dies).
I downloaded fresh version of GO 6.1.76, removed all files and subdirs, then uploaded new installation files and executed an upgrade process. Everything worked fine, the error gone, but came back today.
I scanned files at hosting and found malicious software in Chat module. I've delete whole Chat subdir at Modules directory, however the problem remains.
Any clue how to cure the system and how to avoid such a problems will be very appreciate!


Who is online

Users browsing this forum: No registered users and 7 guests