Sascha

I did a little research. The hacker injected the malicious code into the "append" column in each zone under "rv_zones" in the database. The table "rv_banners" seems not to be affected. Additionally, there was a malicious PHP code under \www\delivery\ with the name "js.php". According to the virus scanner a malicious code named "PHP.Filesman". With this the hackers probably have access to the website.

The attempt to upgrade my Revive server from version 4.1.3. to version 5.0.5 fails because of step 4 of the update process. The error message "On ore more plugin files could not be located..." appears. I'm pretty sure I entered the correct path to the old installation. Does anyone have a tip for me what I am doing wrong? I use a virtual server based on Plesk under LINUX. The path to the old installation is given by me as follows: https://anzeigen.XXXXXXXX.de/revive/ The path to the new installation is below: https://anzeigen.XXXXXXXX.de/revive505/ I would be happy about a tip! Thanks Sascha Translated with www.DeepL.com/Translator (free version)

Hello, Ian, thanks for your answer! Do you know if this hack only compromises the files on the server or are the databases also affected? I might be able to recover the files.

Hello dear service team, i run my own webserver with the Revice-version 4.13 and it seems to have been hacked in the last days or weeks. https://blog.confiant.com/tag-barnakle-the-malvertiser-that-hacks-revive-ad-servers-redirects-victims-to-malware-50cdc57435b1 Unfortunately I don't have a backup of a version before the hack. Is there a possibility to restore my adserver by updating to the new version? Or is the attack so deep that I have to completely rebuild the server? Do you have a tip for me how I can fix the current server and how I can then update to the latest version. Is the new version safe from this hack? I would also like to use the services of an experienced developer to solve the problem. I would be very happy about your help! Many greetings! Sascha