FlashLight

Increase in Joomla Hack Activity in 2013

Hi Folks,

I'm sharing my experiences in the hope that it will help another HawkHost user and save them a lot of time and worry.

I have had 4 different Joomla 1.5 sites attacked since January, all with variations of the same hack.

According to the Joomla community there has been a spike in these 'Hmei7' attacks since January. I found some info here that might be helpful to others with the same problem:

There is info here on how to start the clean up:

http://www.joshpate.com/2013/01/how-to-fix-hacked-by-hmei7-on-joomla-web-site/

http://blog.cripperz.sg/2013/01/12/how-to-fix-hacked-by-hmei7%E2%80%B3-on-joomla-web-site/

Also, once it is cleared up and Joomla updated to 1.5.26 (for those running 1.5) there are three extensions that are useful and cost effective:

JHackGuard (free): protects against common hack attempts.
http://extensions.joomla.org/extensions/access-a-security/site-security/site-protection/13233

AdminToolsPro (small subscription required): adds a firewall and automatically blocks IPs etc.
https://www.akeebabackup.com/products/admin-tools.html

JSecure Lite (free): changes the default Admin login page to something of your choice:
http://extensions.joomla.org/extensions/access-a-security/site-security/login-protection/23080

The last one is particularly useful as, after installing AdminToolsPro and setting it up to notify me of failed Admin logins, I could see that some sites were getting hammered with password guessing scripts. This dealt with that problem immediately.

Hope this helps someone.

Thanks.

Andy

This is some excellent advice. We see a lot of compromised accounts and lately it's been a lot of Joomla all running versions that are years old. We try to block a lot of malicious requests every day but mod_security only goes so far without preventing a lot of users from accessing their sites.
