Websites Hacked1 user found helpful
Hacked By TheCur3. "United, we'll fail. Divided, we'll fall."
Hope that helps.
It's like complaining that your glove compartment didnt do a good job of securing your car. And then changing the lock on the glove compartment.
The op needs to evaluate other passwords (like FTP), services running on the server, etc. once these are fixed, a c5 password reset is in order.
Sent from my phone
Yes, your site was hacked. But I seriously doubt it was via concrete5. The only thing that would make me question that assumption is if the "hack" was clearly within concrete5. Like on a block or something.
More than likely it was through the filesystem. There are scripts that will change your PHP files directly, without any knowledge of c5 or wordpress or anything else. And there are scripts that will try to figure out how to get in in the first place. Maybe your host has you on an old version of an FTP client or something. Really, there are lots of possibilities. So just blocking the original hacker's IP or changing your domain name won't do much. There are 1000 other "kids" running the same script.
The best thing to do is figure out the source of the hack. Failing that (which can be difficult), make sure your entire server is upgraded to the latest operating system, services, etc. It wouldn't hurt to start from scratch. Once you have some confidence that the initial exploit is gone, then go ahead and reset your c5 password. (Or clean it now to get your site looking reasonable, but reclean it later, too). If you can't figure out how they got in, you can change your passwords and hope for the best. (It's possible they guessed/listened to one of your passwords, too....)
You really should talk to your host about this. They're likely to be the ones upgrading the software anyways....
Was the hack done at the PHP file level or the C5 level? By that I mean did the hacker add stuff to the .php Page Type files in your theme directory or did they edit the content of your site through the C5 front-end?
Do you know which kind of attack did you suffer?
Any customized add on (backdoor or something similar)?
What do you want exactly?
You are not alone: