This is a common hack of a trojan that has your FTP account data. One of your PCs you used FTP to your site most problably was infected.
First you need to scan all client PCs that had access to your site for that trojan/backdor and remove it. only after that you should change all passwords (Mysql, FTP, blog, Mail, ...), and then upload a fresh, unmodified serendipity release version over your blog.
Also delete all files iny our templates_c directory.
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
I had a huge problem with my host, multiple sites got infected with malware, all but 1 of the sites are now clean.
However, my home page is now backup and working and clean.
I was just thinking with S9y 1.4 with it's version checking. Is there a way one can encrypt/compress the main core code of s9y so that there is no way for someone to be able to view the source code ?
Just wondering.
regards,
Andy
Serendipity - Site, finished
Mine that is ... so lots of nonsensical Stuff
it is possible to "compile" php-code. but s9y is opensource, so even than you could download the uncompiled code and read it. and of course, security by obscurity is a very bad way to enhance security. look at windows, without sourcecode, there is enough maleware that takes advantage of bugs in the code.
Andyman77 wrote:You are correct there. Just an Idea, spawn through the madness of 2 weeks of intense problems with my hosting company and my websites.
You did, like I mentioned, SCAN ALL YOUR PCs? Your recent trouble VERY MUCH emphasizes that one of your PCs might be infected, and that you might go through the same problems again in a few days.
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/