Hacked Site. Issues restoring function

Are you sure Galley is the culprit?

At work, we had around 10 sites hit, resulting in a week from hell. Many had Gallery installed, many didn't. Okay, possibly the hack migrated around the server? Is that possible?

However, on my own server I have only two MODx sites, neither with Gallery installed and one of them got hit anyway. [ed. note: waizen last edited this post 5 years, 9 months ago.]

So, are these hacks SPECIFICALLY targeting MODX, or do they affect other sites as well?

Quote from: waizen at Jul 30, 2018, 03:05 PM

Are you sure Galley is the culprit?

At work, we had around 10 sites hit, resulting in a week from hell. Many had Gallery installed, many didn't. Okay, possibly the hack migrated around the server? Is that possible?

However, on my own server (HostGator reseller account) I have only two MODx sites, neither with Gallery installed and one of them got hit anyway.

Both MODX < 2.6.5 and Gallery are vulnerable. Not only Gallery.

Quote from: rainbowtiger at Jul 30, 2018, 03:13 PM

So, are these hacks SPECIFICALLY targeting MODX, or do they affect other sites as well?

This one is specifically targeting MODX.

Quote from: rainbowtiger at Jul 30, 2018, 03:13 PM

So, are these hacks SPECIFICALLY targeting MODX, or do they affect other sites as well?

During my updates(it will be almost thirty soon) there were Wordpress oriented files too аmong extraneous... btw I saw Wordpress security message, they released it at about the same time as MODX world began to suffer, which suggests that the exploit can be targeted not at MODX only