Jevents Hacked? links to casinos, etc.

By Guest on Friday, 12 February 2016

Replies 5

Likes 0

Views 1.6K

Votes 0

I have been having problems with JEvents for a few weeks now. I just noticed this new problem.

When I click on a calendar event link on my home page calendar summary, I get this:

"bingo-games-online blackjack wizard-of--oz-slots continue onlineslotsrealmoney24... etc."

I don't even know where to begin. Can any tell me what might be happening?

Hello,

I doubt it is that JEvents has been hacked so to speak. More like you Joomla! Install.

Can you provide your JEvents support info as per .2 of the forum rules.

You will probably find your site has been hacked and you have millicious code added that when a condition is met. For example, it's quite common for hackers to implment their hacks like this, but so they only work when you come from a google search and not direct to the website.

Check your sites .htaccess for mallicious code?

If you hover over your event detail url, is it correct?

Many thanks
Tony

Guest

Friday, 12 February 2016 19:03

0 Likes

0 Votes

0 Comments

#165423

After having a tech from Godaddy look through my site yesterday, he told me that it looks like the JEvents module has been hacked.

They ran a Site-Lock scan on my site and removed malicious code, etc.

I just added a new event to the site a couple of hours ago, and the casino links showed up in it again.



PHP Version : 5.4.19

MySQL Version : 5.0.96-log

Server Information : Linux p3nlhg226.shr.prod.phx3.secureserver.net 2.6.32-604.30.3.lve1.3.63.el6.nfsfixes.x86_64 #1 SMP Mon Oct 26 11:56:49 MST 2015 x86_64

Fix jQuery? : Yes

Load JEvents Bootstrap CSS? : Yes

Max Input Vars ? : 2000

Club code set? : Yes  

User Agent : Mozilla/5.0 (Windows NT 6.0; rv:44.0) Gecko/20100101 Firefox/44.0  

Joomla : 3.4.8

component_com_jevents : 3.4.4

component_com_jce : 2.5.14

module_mod_jevents_cal : 3.4.4

module_mod_jevents_calendarplus : 3.3.3

module_mod_jevents_custom : 3.4.4

module_mod_jevents_filter : 3.4.4

module_mod_jevents_latest : 3.4.4

module_mod_jevents_legend : 3.4.4

module_mod_jevents_switchview : 3.4.4

layout_flatplus : 3.2.8

plugin_content_jevents : 3.4.4

plugin_finder_jevents : 3.4.4

plugin_search_eventsearch : 3.4.4

plugin_system_gwejson : 3.4.4

Guest

Tuesday, 16 February 2016 21:17

0 Likes

0 Votes

0 Comments

#165424

It looks as though there is still some malicious code on your server - if you send me login details via PM I'll see if I can find where it is.

Guest

Wednesday, 17 February 2016 08:10

0 Likes

0 Votes

0 Comments

#165425

Finally got this squared away and wanted to make sure I posted that JEvents had NOT been hacked. My site had, and for some reason it mostly manifested in the calendar.

Thanks again for your help.

Guest

Wednesday, 24 February 2016 20:40

0 Likes

0 Votes

0 Comments

#165426

Hello,

Glad to hear it! :-)

Many hanks
Tony

Guest

Thursday, 25 February 2016 00:41

0 Likes

0 Votes

0 Comments

#165427