Joomla is one of the more popular open source content management systems used by website owners globally. It's price tag of $0 drives the success of this application among the internet community, however it's Open Source nature additionally drives a huge community of Hackers to exploit the software by finding vulnerabilities in the code of the application. Website hacking is in fact a huge business and has been on the rise, as organised crime around the world has started to fund a lot of the hacker activity over the last 5 years. Joomla! posts updates and patches to their software on a regular basis, which are required to be installed by the website owner. All website owners should be aware of the joomla.org website and updates advertised by them. The purpose of the hackers attempts to exploit websites include but are not limited to:
- Setting up a Phishing website for banks and other financial institutions to acquire login details belonging to individuals and companies.
- Setting up a Phishing website for organisations holding sensitive data of individuals and companies for Identity Theft or other malicious reasons.
- Installation of Malware and Trojans on visitors computers.
- Establishing access to visitors computers to acquire saved form data (credit card details).
- Establishing access to visitors computers email software to mass mailout SPAM email messages.
- Installation of scripts attempting to execute server commands to the detriment of server stability.
- Acquiring of sensitive data stored on the website database or inside web files (e.g. credit card details if not purged correctly).
- Acquiring access to website email services to send unsolicited SPAM email messages.
- Defacing of the website content.
We urge all Joomla users to patch/upgrade Joomla as well as all installed plugins to the latest stable released versions on the Joomla.org website. Below are some useful links which provide Joomla users with more tips on keeping their Joomla built websites safe.