Joomla is one of the more popular open source content management systems used by website owners globally. It's $0 price tag drives the success of this application among the internet community, however it's Open Source nature additionally drives a huge community of Hackers to exploit the software by finding vulnerabilities in the code of the application. Website hacking is a huge business and has been on the rise, as organised crime around the world has started to fund a lot of the hacker activity over the last five years. Joomla! posts updates and patches to their software on a regular basis, which need to be installed by the website owner. All website owners should bookmark the joomla.org website and check their regular updates. The purpose of the hackers attempts to exploit websites include but are not limited to:
- Setting up a Phishing website for banks and other financial institutions to acquire login details belonging to individuals and companies
- Setting up a Phishing website for organisations holding sensitive data of individuals and companies for Identity Theft or other malicious reasons
- Installation of Malware and Trojans on visitors computers
- Establishing access to visitors computers to acquire saved form data (credit card details)
- Establishing access to visitors computers email software to mass mailout SPAM email messages
- Installing scripts that attempt to execute server commands to the detriment of server stability
- Acquiring sensitive data stored on the website database or inside web files (e.g. credit card details if not purged correctly)
- Acquiring access to website email services to send unsolicited SPAM email messages
- Defacing website content
We urge all Joomla users to patch/upgrade Joomla as well as all installed plugins to the latest stable released versions on the Joomla.org website. Below are some useful links which provide Joomla users with more tips on keeping their Joomla built websites safe.
We additionally recommend customers review the following article regarding Protecting your Website against Hacker Attacks.