Homepro Website Hacked

[supashot]

I was typing homepro in google and found this attached screeshot: "porno porno warez"

When you look at the source code of the page you will see it's been modified by a malicious user aka hacker.

Seems like they run an outdated version of Joomla.

Anyone working at homepro here?

[IamNotaNumber]

There are lots of half-arsed jerry-built websites around, especially in SE Asia. It's a wonder that more aren't hacked. I suppose the hackers cant be bothered either!

[dave111223]

lol, wow homepro are dumb, look at this code on their site, it's loaded with porn links:

<div style="display: none;">
   <a href="http://www.hdsexizlesene.info" style="text-decoration: none"><span style="font-size: 1pt"><font color="#green">porn</font></span></a>
  <a href="http://www.pornvideosu.org" style="text-decoration: none"><span style="font-size: 1pt"><font color="#green">porno</font></span></a>
  <a href="http://www.arsiztube.net" style="text-decoration: none"><span style="font-size: 1pt"><font color="#green">sikis</font></span></a>
  <a href="http://www.hdsexsizle.com" style="text-decoration: none"><span style="font-size: 1pt"><font color="#green">sex</font></span></a>
 </div>

<div style="display: none;">
								    <a href="http://www.pornxsikis.com" title="porno">porno</a>
								    <a href="http://www.rootwarez.org" title="warez">warez</a>
								    <a href="http://www.insuranceee.net/category/car-insurance" title="cheap car insurance">cheap car insurance</a>
								    </div>   

[dave111223]

There are lots of half-arsed jerry-built websites around, especially in SE Asia. It's a wonder that more aren't hacked. I suppose the hackers cant be bothered either!

All the hackers do is write a script to detect sites running software with vulnerabilities, then automatically exploit the security hole to paste in whatever code they want (ie a porn link or whatever they are currently being paid to promote). The chances are the hackers have never even visited the homepro website themselves.

[supashot]

There are lots of half-arsed jerry-built websites around, especially in SE Asia. It's a wonder that more aren't hacked. I suppose the hackers cant be bothered either!

All the hackers do is write a script to detect sites running software with vulnerabilities, then automatically exploit the security hole to paste in whatever code they want (ie a porn link or whatever they are currently being paid to promote). The chances are the hackers have never even visited the homepro website themselves.

most websites cracked are running Joomla btw in Thailand: http://is.gd/cJSsCZ

My Guess the admins are holidays all year long.

[somchaismith]

Bloody Anonymous, again.

[jsat]

All the hackers do is write a script to detect sites running software with vulnerabilities, then automatically exploit the security hole to paste in whatever code they want (ie a porn link or whatever

they are currently being paid to promote). The chances are the hackers have never even visited the homepro website themselves.

Yes 1,000's of script kiddies trying their luck.

We run a forum on an old version of joomla and you should see the daily hack attempt logs - about 20mb per month of hack attempts

(all failed to date thank goodness) as there are some very good security tools for joomla out there, but if as mentioned above the lazy admins

(and so called web designers) took the time to install these plugins there would be no issues.

But to me forum spam is worse then a defacement.