Our gallery is getting HACKED.. need help.. will pay

[Happiness]

Grrr... our site has been hacked by "The Kind Hacker" who has seemed to found a way to hack into coppermine software on not just my site but a few others that have Coppermine.  I really need to get this fixed and SOON... he has hacked us every day for the last week and all he is doing is changing the INDEX files but it is such a pain and I need to get this fixed.  Can someone please help us.  I dont know how he has done it but now he is also on our VB forum doing the same thing.

Please contact me at:

devotedfansnetwork@hotmail.com and let me know how much this might cost us.

Thanks.

[Nibbler]

The problem is more likely to be in vb than in coppermine. Are you running coppermine 1.3.3 ?

[kegobeer]

A Google for "The Kind Hacker" turns up vBulletin hacks, but nothing on Coppermine.  If this guy exploits a VB weakness to gain access to the file system, he can mess with anything until the weakness is plugged.  Nothing leads me to believe this is a Coppermine weakness.

Just one example of it's work (note the vBulletin statement in it's ransom email):
http://www.usj.com.my/usjXpress/details.php3?table=usjXpress&ID=385

[kegobeer]

I looked at vBulletin's site - only one post about this jackass, and no resolution.  I'm only guessing here, but the latest version may plug the hole, but then again it may not.  You should contact vBulletin directly  about this hacker.  If I were you I'd change all my passwords (Coppermine, vBulletin, any other app on your site, MySQL, your control panel, FTP, etc), take the forum off-line, and wait until you know that your bbs is secure.

[kegobeer]

No further posts, so I'm marking this as invalid.