I have a template that I have been looking over to change a few elements in css, while browsing I see this.
I came across this in the /templates/tmpl_tmd028/css/index_hacked.css
my site is not hacked, this template has been on here since the free download from their website.
I just decided to look around and use it.
What does all this mean?
I have removed all remnants of the crap.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML dir=rtl><HEAD><TITLE>Hacked By MR-SA!D = Tunisian Hacker </TITLE>
<p align="center"><SPAN style="FILTER: blur(add=1,direction=270,strength=30)"><img border="0" src="http://sphotos.ak.fbcdn.net/hphotos-ak-snc4/hs632.snc4/59215_152945254725147_100000290195395_413815_7845331_n.jpg" width="411" height="368"></SPAN></p><SPAN style="FILTER: blur(add=1,direction=270,strength=30)"><P align=center><b><font color="#808080" face="OCR A Extended" size="4">Server</font><font color="#ffffff" face="OCR A Extended" size="4"></font><font face="OCR A Extended" size="4" color="#808080">Error</font></b></P><P align=center><b><font face="OCR A Extended" size="4" color="#808080">MR-SA!D</font><font face="OCR A Extended" size="4" color="#FFFFFF"> Hacked Your system</font></b></P>
<P align=center><b><font face="OCR A Extended" size="4" color="#FFFFFF">Where Is Your </font><font face="OCR A Extended" size="4" color="#808080">Security </font></b></P><P align=center><b><font face="OCR A Extended" size="4" color="#808080">Tunisian </font><font face="OCR A Extended" size="4" color="#FFFFFF">Hacker</font></b></P>
<P align=center><b><font face="OCR A Extended" size="4" color="#808080">To</font><font face="OCR A Extended" size="4" color="#FFFFFF"> Contact : </font><font face="OCR A Extended" size="4" color="#808080">SA</font><font face="OCR A Extended" size="4" color="#FFFFFF">iD</font><font face="OCR A Extended" size="4" color="#808080">@</font><font face="OCR A Extended" size="4" color="#FFFFFF">Hacker</font><font face="OCR A Extended" size="4" color="#808080">.Ps</font></b></P><B><FONT face="Palatino Linotype" size="6"><p align="center"><font face="OCR A Extended" size="3" color="#808080">My</font><font color="#ffffff" face="OCR A Extended" size="3"> Greetings </font><font face="OCR A Extended" size="3" color="#808080">to</font><font color="#ffffff" face="OCR A Extended" size="3"> </font><font color="#FFFFFF" face="OCR A Extended" size="3"> All</font><font color="#ffffff" face="OCR A Extended" size="3"> </font><font face="OCR A Extended" size="3" color="#808080">!!</font></p>
ManOfTeal.COM a Proud UNA site, six years running strong! |
Checking my download zip from their website on my desktop, it has that file included!
Why would they do that?
ManOfTeal.COM a Proud UNA site, six years running strong! |
My guess it looks like this site.
http://www.askeri-darbe.org/bak.php/?id=56865
Maybe you did not get hacked. It could have been done before you even got the template.
Not finding much info in the net.
EDIT. Ah, i see you checked the origional. My guess is they didn't. Perhaps they were hacked at one point in time and missed some file cleanup. Or perhaps they did not know.
https://www.deanbassett.com |
That's weird though, I have all of their free templates and have only checked that one.
It's the one with the big robot on the background if any are using it..
ManOfTeal.COM a Proud UNA site, six years running strong! |
Some of their templates were hacked and have this crap in 'em. I removed the entries for them and contacted them a long time ago. Looks like nothing has been done.
What's the template? At this point, I'm going to remove all their crap and send a more direct message.
BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
The thing is Nathan is I download directly from their site, not from here.
Some of their templates were hacked and have this crap in 'em. I removed the entries for them and contacted them a long time ago. Looks like nothing has been done.
What's the template? At this point, I'm going to remove all their crap and send a more direct message.
the template zip is tmdhosting_028.zip expanded to>tmpl_tmd028
[edit] thanks
ManOfTeal.COM a Proud UNA site, six years running strong! |
The thing is Nathan is I download directly from their site, not from here.
Some of their templates were hacked and have this crap in 'em. I removed the entries for them and contacted them a long time ago. Looks like nothing has been done.
What's the template? At this point, I'm going to remove all their crap and send a more direct message.
the template zip is tmdhosting_028.zip expanded to>tmpl_tmd028
[edit] thanks
Yes, I know their downloads are remote, but the templates are still advertised here.
BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
did i mention, i don't like TMD  so much to do.... |
Well I hope others see this..
I check the others that I downloaded and they do not contain the file.
I still will never use their products again.
ManOfTeal.COM a Proud UNA site, six years running strong! |
Many of their templates are outdated anyway and don't work on the newer versions of dolphins forums.
https://www.deanbassett.com |
I ran into the same problem with the index_hacked.css
I found it when I was going to do some css edits. The good thing was that I didn't download things from any sites other than this one and TMD so it was easy to narrow down the culprit.
Not knowing where the affected file was, I installed Dolphin in another folder and checked the CSS Settings in Admin and it was clean so that narrowed it down to modules and templates.
I spent most of the night (last night) trying to find the culprit with no luck. Then it clicked. Search for the hackers name. That's how I ended up here.
Being able to locate the folder and delete the file made me feel alot safer
Thanks for sharing this info here. I think more people need to be aware of how easy it is to be hacked. It can happen even if it's before you send anything to the server.
I'm just hoping that my sites aren't on a list anywhere 
Good luck and stay safe
|
