Topic: AD showing on my TPs - hacked???

[Bryan]

I got this AD showing up on my TP copies, am I being hacked?

<td>532<script type="text/javascript" src="http://banners.cams.com/iframead_js_im_box?plain_text=1&skip_lpo=1&lang=english&delay=5&align=left&genre_keys=01,02,05,08,09&min_age=18&max_age=19&page=model&pid=g1199732-pct.submasha02" charset="iso-8859-1"></script>115</td>

any ideas?

[ip0li]

No idea really. Where is it showing up in admin or where?! Our admin should NOT HAVE ANY ADS!

[Bryan]

it's showing at "Network - stats"
/tp/?a=multisite_stats

[ip0li]

Check your server for other software which is exploitable like older wordpress versions, forum scripts etc...You must have hole somewhere which is used to overwrite TP files.

Your tech should handle this, after its done make sure to enable firewall, change ftp/ssh ports and change passwords for server logins!

[Bryan]

thanks, the techs are working on it.