Hiya, I hope someone can help with this. It really freaked me out.

I'm running UBB 7.5.6p2 and somehow got some malware injected onto my forum. There was a string in the header "<script src=http://forums.weddingbells.ca>" and also something about yes51.com. It went in in the config.inc.php file. it appeare in the header of all pages in the forum.

I deleted it and that seemed to fix it but then I noticed all my adsense publisher ids had been changed!

I changed 'em back so hopefully all good.

A couple of questions. How could that malware get injected in the first place?

Could it also change the Adsense IDs? That seems really sneaky.

How do I investigate closing the exploit - whatever it is?

Cheers in advance!

Will