09-06-2021, 11:19 PM
Obviously, change your password folks. It seems they overwrote the default template settings to display their payload. We have evidence that the database got dumped as well. so they probably have a copy of everything on the board. In any case, I undid their damages, minus the graphics. I was sure as to the extent of what they did at first, so I did a fresh copy of the base forum software, no plugins. The graphics are still in the backup folder, and I'll move them across later. Right now I'm tired. It wasn't even hard to remove.
We do know how they got in, and that plugin has been removed. We are aware of other vulnerabilities that they could potentially attack. We were aware of the one they exploited as well. This is why we were actively looking for other software to migrate to, but had yet to finish testing of the solutions to make sure they would work before disrupting the entire community. We still plan on doing that. It may take a little time, as we are volunteers with very busy real life schedules.
We do know how they got in, and that plugin has been removed. We are aware of other vulnerabilities that they could potentially attack. We were aware of the one they exploited as well. This is why we were actively looking for other software to migrate to, but had yet to finish testing of the solutions to make sure they would work before disrupting the entire community. We still plan on doing that. It may take a little time, as we are volunteers with very busy real life schedules.