HPROnline.org got hacked today by some Turkish hacking group. Instead of the normal loading screen, the website minimized into a tiny box that ran around on your monitor before finally expanding and displaying the hackers’ identities.

The attack seemed to be targeting Joomla-based websites. In response, I’ve changed some of the file permissions, ran some security updates, and removed unused extensions. I flushed out some Perl scripts that automatically rehacked the website. However, part of the attack seems to be an SQL injection targeting the admin user. Everything looks good right now, but I still have some more work to do in this regard.