If you are viewing this page, it is likely that your forum was hacked or you are seeking ways to secure your forum.

If you notice that any one of these situations has happened to your forum, then you were hacked:

Or did Google alert your visitors that “Visiting this site may harm your computer” and throw up the following page to your forum?

What If I Do Nothing?

Nobody knows the intention of the hacker. Whether he/she/they just wanted to prove a point or they are planning for another round of attack is not important now. The key is to secure forums to prevent any unnecessary damage to the forum community.  Due to admin and backdoor access, the hacker can essentially take over your forum, harvest all of your members’ information, steal financial information, inject malware into your site, redirect your pages to third party websites, or even modify your advertisements and insert their own.

What Can I Do Now?

After fixing a great number of forums, we discovered a distinct pattern of attack and formulated a process to clean and secure the forums. We would like to present to you a few options to consider:

Follow vBulletin’s instructions

Follow the instructions that vBulletin outlines below:

http://www.vbulletin.com/forum/blogs/zachery/3993888-fixing-your-site-after-you-have-been-hacked
http://www.vbulletin.com/forum/blogs/zachery/3993849-best-practices-for-securing-your-vbulletin-site

The processes defined by vBulleitn should help if your forums does not have any custom theme or coding and you are technically-minded enough to handle it yourself.  Even if you follow the direction completely, some of your mod(s) and theme(s) may not work after you finish; especially those mod(s) and theme(s) that do not follow the best coding guidelines. Following the vBulletin’s instructions could end up causing even more issues on your forum and upset your already-frustrated community. If your forum is still using the default theme and has no mod installed, then it is safe to follow vBulletin’s suggestions.

Order Our vBulletin Hack Cleaning Service

Our cleaning service will include everything outlined in the vBulletin’s suggestions plus:

  • Preserve your custom theme(s) and mod(s) to make sure that the hack removal will keep your forum functions the same
  • Perform Malware Scan for your entire site to ensure no Malware detected
  • Audit against admincp logs to detect and remove any malicious activities
  • Audit the templates modification, identify and remove malicious code
  • Scan the settings data to ensure that no malicious settings were inserted
  • Scan the forums data (title/description) for malicious code
  • Scan all plugins/mods to make sure that no malicious plugin/mod has being installed
  • Scan the phrases data to make sure that no malicious code was injected
  • Check vBulletin schedule job to ensure that no malicious schedule jobs were added
  • Check files changes using vB’s diagnostic tool to ensure that no malicious code was injected
  • Scan your web, ftp, and database server logs for suspicious activities
  • Compare database settings against a freshly installed database setting to spot any malicious changes
  • Provide a list of users whose password(s) was/were changed since the hack
  • Check file permission and other files to detect if hacker modify any file permission
  • Check server level schedule job (cron) to ensure that no malicious schedule jobs were added
  • Establish IP level control to restrict access to critical resources (e.g. cPanel, WHM, admincp, modcp, etc)

We perform the cleaning service from our secured network. All of your access information will be handled in a secure and private manner and will be removed after the work is completed.

All hacking situations are different in nature. Please provide us with as much information as possible and we will provide a custom quote and cleaning plan for you.

  1. (required)
  2. (valid email required)
  3. (required)
  4. (required)
  5. Captcha
 

cforms contact form by delicious:days

We strongly encourage you to take one of the actions above. Shall you have any questions or overall concerns about this hacking situation, please contact us or call us to discuss (Press 8 at the main menu).

FAQ:

Q: Will you upgrade my forum?

A: No we will not. Our main purpose is to get your forum back to how it was before the hack. Blindly upgrading the forum will usually create more trouble and issues to the forum. For example, the theme may not work with the new version or certain mission critical mods will not support the new version. To make matter worse, if upgrading from 4.x to 5.x, you will lose all of the theme and almost all of the mods as these two platforms are completely different. We will, however, patch your forum with any available patch version.

Q: How do I know you are working on our forum and not the hacker?

A: We will provide you with our IP address(es) so that you know who is coming in to work on your forum. You can further tell your web host to only allow our IP to certain secured areas, like admincp, cPanel, SSH, FTP, etc.

Q: Will my access info be handled securely?

A: YES. We treat all of our clients’ data securely, just like how we treat our own. We have a password vault system where only the team member who is assigned can see the access info. Once the work is done, the access info will be completely removed from our system. We will also provide instruction for you to change all the passwords after our work and we encourage you to do so.

Q: Do you guarantee your work?

A: Yes. With our monitoring service, we will be with you for 3 months or more. During this period of time, we will continue to provide you with the security service, weekly scan reports, and, should there be any Malware or hack situation, we will clean it for you for free.

Q: What kind of access info do you need from me?

A: Once the order is placed, we will provide detailed instructions on what kind of information we will need from you.

Q: Do I need to shut my forum down right now or while you are working on it?

A: Yes. It is safer to shut it down right away until our team can start working on your forum.

Q: How does this process work?

A: Once the order is placed, one of our team members will contact you to get the process started. This is the general process outline:
– Gather access info
– Identify damage severity level
– Carry out cleaning process
– Perform Malware scanning
– Provide report of the work completed

Q: How soon will it be done?

A: It greatly depends on the size of your forum and the complexity of the hack situation. The turnaround time ranges from 8 hours to 3 days.

Q: What are your qualifications for this?

A: We have worked on over 500 vBulletin forums from around the world for the past 10+ years. We also have a security team with years of experience on Malware, hacking and server-level security.