Site hacked - XSS

Hi all,

My domain has recently been flagged by Google/StopBadware: it says “may be distributing malware”. So I found malicious JavaScript code that was injected in two index.php files, then removed it. I’ve also updated my old phpBB to the latest version, among with several other things.

Has anyone else been attacked like this? Is there a chance that these exploits be a serverwide problem?

Thanks in advance,

See DreamHost Wiki - roubleshooting Hacked Sites

Another reason why its important to backup the web files and server log files. If you review the backups you can determine when the hack was made and get idea of how.

Customer since 2000 :cool: