DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.
  • Search Forums
    Advanced Search
Prev
Next
Forums Using DNN Platform Administration and Configuration

My Website is Hacked by Sports Spammer!

 8 Replies
 1 Subscribed to this topic
 40 Subscribed to this forum
Sort:
Author
Messages
Lina
New Around Here
Posts: 3
New Around Here
10/28/2019 8:55 AM

Hi Everyone.

Last few days, I saw that my bandwith increase a lot. After that I got notification from Google Search Console that my website had bad links. Then I discover that someone hacked my root server and upload lot's of HTML files for sports streaming. I don't know how they do that. They create a folder name /video/ at my website and upload all files there. How they do that. 

Here is my website : http://virginiasafaripark.com/ and the effect links like http://virginiasafaripark...-NCAA-Live-hq03.html . Can anybody figer out how they do that? Can you please check my website and tell me where is the bug or problem which are the reason of this hacking problem? 

 

Thanks a in Advance. 

Timo Breumelhof.
Senior Member
Posts: 1322
Senior Member
3 Helpful Replier
Helpful Replier
Thanks for being such a helpful replier!
Lifesaver
Lifesaver
You're Life Saver!
New Poster
New Poster
Congrats on posting!
3 Engaged Reader
Engaged Reader
You are an engaged reader!
10/28/2019 8:58 AM

What version of DNN are you using?

Lina
New Around Here
Posts: 3
New Around Here
10/28/2019 9:12 AM
Posted By Timo Breumelhof on 28 Oct 2019 08:58 AM

What version of DNN are you using?

 

DNN 7.0.0

 

Timo Breumelhof.
Senior Member
Posts: 1322
Senior Member
3 Helpful Replier
Helpful Replier
Thanks for being such a helpful replier!
Lifesaver
Lifesaver
You're Life Saver!
New Poster
New Poster
Congrats on posting!
3 Engaged Reader
Engaged Reader
You are an engaged reader!
10/28/2019 9:15 AM

In that case there can be serveral methods how you got hacked.
You should really clean up the site, reset passwords, check for extra added user accounts and upgrade to DNN 9.4.1 ASAP.
DNN 7.0.0 is old and a lot of security issues have been fixed since.

Lina
New Around Here
Posts: 3
New Around Here
10/28/2019 9:26 AM

Thanks! I will do that. But can you please describe me those way they got my site???

Timo Breumelhof.
Senior Member
Posts: 1322
Senior Member
3 Helpful Replier
Helpful Replier
Thanks for being such a helpful replier!
Lifesaver
Lifesaver
You're Life Saver!
New Poster
New Poster
Congrats on posting!
3 Engaged Reader
Engaged Reader
You are an engaged reader!
10/28/2019 11:37 AM
Posted By Lina on 28 Oct 2019 09:26 AM

Thanks! I will do that. But can you please describe me those way they got my site???

Sorry, but not really.

First of all there are mutliple possibilites, and I could not see which one is used.
My best guess it that it's the RAD editor, but I'm not sure. https://www.dnnsoftware.c...pdate--september2017
Secondly security issues are not published in detail, not even to MVPs as that would mean they could get out in the open and used.
So for most of the issues don't even know what the exact exploit is and if I would I would not post it in a forum.

I hope you understand.

 

 

Betacam
New Around Here
Posts: 14
New Around Here
2/27/2020 9:59 AM

IME it is often weak FTP passwords.  

DNN user since v3
1
liked by Members
Timo Breumelhof.
Senior Member
Posts: 1322
Senior Member
3 Helpful Replier
Helpful Replier
Thanks for being such a helpful replier!
Lifesaver
Lifesaver
You're Life Saver!
New Poster
New Poster
Congrats on posting!
3 Engaged Reader
Engaged Reader
You are an engaged reader!
8/17/2021 8:16 AM
Posted By Betacam on 27 Feb 2020 09:59 AM

IME it is often weak FTP passwords.  

I think DNN 7.0.0 has some entry points too..

 

 

HungD
New Around Here
Posts: 4
New Around Here
New Member
New Member
You are a new member!
2/13/2026 3:46 AM
My old DNN site dnn360.net got hacked for a while before I found junk files in the root (it's discontinued now). Later on I involved in cybersecurity full-time for years, and we ended up creating DNNDefender — a module built from real-world knowledge to catch webshells and protect DNN sites.
Download the trial for free, scan your site, and see what it finds. No need to buy yet — if it's useful, tell others; if not, just let me know privately. Feedback is gold!

These Forums are for the discussion of the open source CMS DNN platform and ecosystem.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
  2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
  3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  5. No Flaming or Trolling.
  6. No Profanity, Racism, or Prejudice.
  7. Site Moderators have the final word on approving / removing a thread or post or comment.
  8. English language posting only, please.

Would you like to help us?

Awesome! Simply post in the forums using the link below and we'll get you started.

Get Involved