My bad. I just did a quick look and took off.

Well... there are a few obvious hacking methods...

1.) The first is outdated software running this site forum with known exploitable hacks...
2.) Keyword loggers that an administrator has on his computer.
3.) Brute force password attacks.


2.) We will set aside for the time being.

3.) Is easy if the administrators have weak passwords.

1.) Most likely there is a "simple" exploit that is vulnerable in the software running this site.
And uhhh... looks like there is from my quick search. I don't run this software on any of my
sites.... so I can not extrapolate.

1.)
a. From the observations it looks like it is a "Defacing" hack... that is no damage has been done to the SQL
databases.
b. "Defacing" websites is a popular "game" in the hacker's world.. they find an exploit and they search Google
to all the websites that have the vulnerability... and slap their name on the hacked site
A.K.A. "HvCvavcvkvevd vbvy Lvavsvt Tvovuvcvh" Remove the "v" for the name.


Remedy and prevention...

Update software.
**Change all administrators passwords.
**Have Hostgator perform a full virus check of your website at the sever level if perhaps the bad boys
left something behind.
**************
In the "Footer" file for this website... the PHP program V-Bulletin...
REMOVE the Tag... on the very bottom....
Powered by vBulletin® Version 4.2.0
Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.
**************
Having that "Tag" is like, about as saying...

Hey BlueFish and Cownosed Rays.... come take my bait and snag my equipment.

That the "fish" can simply search Google.


Most likely it is just a defacing hack through a vulnerbility in the basic coding of the software that this site is using.

Rob-kayak....you are correct in your assesment!


Im gonna take the board down temporarily so i can patch it up.

Was it just the front page that got defaced?? Have you checked to make sure that there isn't malicious code or exploits buried somewhere on site? Or that everyone's password or other personal information wasn't compromised?

I am assuming that it was a defacement, since if the hackers goal was to infect other pcs or steal information they wouldn't change anything on the website to help avoid detection. None the less I would thoroughly examine the site and logs to be sure.

Could have also been another site running on the same server as Snaggedline.com that was compromised and the attacker just defaced all sites (mass defacement). Google ""Hacked by LastTouch" and you'll get a lot of hits. Assuming snaggedline runs on a shared server, looks like it does to me.

Either way, Grilled should probably get us on the latest version of vBulletin and see if the database containing the credentials was accessed.

Host gator performed a virus check on the server side and it came back negative. I applied the latest security patches on the site and am planning to upgrade to the latest version tonight. The database was not affected as far as I can tell. He just screwed around with the index file. The hacker actually created an account on the board as an administrator...ha! Yakattack also got hacked!

I got the same thing when I tried to access snaggedline from my work computer as a test.

Have Norton 360 on my computer not problems all day.

SAMwich!!!

How 'bout that knife? Look at that knife!

The fish was ok but dang.....what a knife! Bawahaha.....

Still hacked, now i get this weird green screen.

Same here . Ari Tiga Angka Enam ..... Whatever the hell that means !

Yup same here...very weird.

I got something weird this morning too.

I got hacked on my Saltfish site for Delaware Bay as well as this site....I guess it's the server.