Malware Detected!

Warning: Visiting this site may harm your computer!

The website at .....ru appears to host malware - software that can hurt your computer or otherwise operate without your consent.  Just viisting a site that hosts malware can infect your computer.

For detailed information about the problems with this site, visit the Google Safe Browsing diagnostic page for this address

I understand that visiting this site may harm my computer.

Continue?

Even if you use the latest versions of Community Builder (v1.2) and Joomla (v1.0.14) then you're vulnerable to a hack.  Watch for users signing up with the .ru top-level domain as they love playing this about and giving all russians a bad name on the net.

If you visit your site and receive either the above error or the alert that a malware was detected: congratulations! you've been hacked.

So first of all check that this is not just a hack to your index.html file in your web root folder (you may find a .heder.php file as well in your webroot as well as some strange index files with strange naming conventions (eg. xzcseifs_kdiek.html) which shouldn't be there either).  You'll need to remove these and restore your website.  I'd suggest joomlapack if you're using a joomla site, backup just the database, do a fresh install of joomla and use the database sql file as the migration script.

There are some more details of prevous CB hacks in the Joomla forum (source: http://forum.joomla.org/viewtopic.php?t=84436) .  

In fact, there are quite a few vulnerabilities my scanners have picked up on and so I'll be posting solutions for those who need to keep Community Builder as their user manager.  There are several things I have picked up which I will go into more detail as I test each one (11.11.09):

•  administrator/components/com_comprofiler/plugin.class.php
• variable mosConfig_absolute_path
• http://secunia.com/advisories/14337
• allow_url_fopen = Off

Keywords:

Hacking, XSS & SQL-Injections.