I had the same issue. The injection also changed my DB structure for the append column in the ox_zones table. No other files were modified, but I do believe the code put in the file, did the other modification to put in the code that was added to the append column
I did also have another issue where an intruder logged into our system, the log said as me, and added code the mobile redirection directly to the ad creative. I added a different admin user, and removed my old one... I also reinstalled revive-adserver.
I haven't seen any traffic since then of people poking around my admin area. Just tonight someone tried to do the fc.php injection. I already have php execution disabled in my images folder. The difference now is the permissions on the plugins folder. They are unable to write to that file now.
Mobile ads have been hijacked
in Using Revive Adserver
Posted
I had the same issue. The injection also changed my DB structure for the append column in the ox_zones table. No other files were modified, but I do believe the code put in the file, did the other modification to put in the code that was added to the append column
I did also have another issue where an intruder logged into our system, the log said as me, and added code the mobile redirection directly to the ad creative. I added a different admin user, and removed my old one... I also reinstalled revive-adserver.
I haven't seen any traffic since then of people poking around my admin area. Just tonight someone tried to do the fc.php injection. I already have php execution disabled in my images folder. The difference now is the permissions on the plugins folder. They are unable to write to that file now.