Hiya, I hope someone can help with this. It really freaked me out.
I'm running UBB 7.5.6p2 and somehow got some malware injected onto my forum. There was a string in the header "<script src=http://forums.weddingbells.ca>" and also something about yes51.com. It went in in the config.inc.php file. it appeare in the header of all pages in the forum.
I deleted it and that seemed to fix it but then I noticed all my adsense publisher ids had been changed!
I changed 'em back so hopefully all good.
A couple of questions. How could that malware get injected in the first place?
Could it also change the Adsense IDs? That seems really sneaky.
How do I investigate closing the exploit - whatever it is?
Cheers in advance!