[#10900] - Multiple websites offering unauthorized ebooks for download, but down
- Closed
- 22 Jun 2016
- Medium
- Build: master
- # 10900
Steps to reproduce the issue
I have found that while websites are using Joomla-software there appears to be a bug which makes it appear that the books published by DeLex are freely accessible for visitors of numerous websites (list below). We are receiving 3 to 5 announcements per day of our titles offered via Joomla-instructed websites. DeLex is a publishing agency, however, and the titles that are appearing free of charge aren’t free to use or to download.
Expected result
No appearance of any of our material for download
Actual result
The ebooks can not be downloaded, but leads you to other obscure websites; which leads to more obscure websites and leads to no downloads by the way...
System information (as much as possible)
Additional comments
Some references, but we get multiple messages per day...
1. http://www.cnenov.com/index.php/?option=com_k2&view=itemlist&task=user&id=15037.html (according to the source code it is JOOMLA-based)
http://fbroker.com.ua/?option=com_k2&view=itemlist&task=user&id=17025.html
(according to the source code it has a JOOMLA-theme)http://www.januszkurtyka.info/?option=com_k2&view=itemlist&task=user&id=34436.html
(according to the source code it has a JOOMLA-generator: "http://www.viviaranova.it/aranova/?option=com_k2&view=itemlist&task=user&id=9490.html
according to the source code it has a JOOMLA-generator: "http://www.luisaquaglia.it/?option=com_k2&view=itemlist&task=user&id=105873.html
according to the source code it has a JOOMLA-generator and CSS.
Note that the URLs all end with "?option=com_k2&view=itemlist&task=user&id=".
Addition to the previous list of the last 3 days:
http://www.seicsa.mx/?option=com_k2&view=itemlist&task=user&id=31368.html
http://www.salaaniello.com/?option=com_k2&view=itemlist&task=user&id=89362.html
http://www.robbertcharoe.nl/?option=com_k2&view=itemlist&task=user&id=31287.html
http://www.radiolegal.com.mx/?option=com_k2&view=itemlist&task=user&id=996246.html
http://okzbd.com/rubaiyat/?option=com_k2&view=itemlist&task=user&id=34004.html
http://www.vhfilm.vn/index.php/component/k2/author/16276.html?Itemid=0
http://regencylimoservices.com/?option=com_k2&view=itemlist&task=user&id=238506.html
http://www.trenirovka365.ru/?option=com_k2&view=itemlist&task=user&id=248162.html
http://www.studio-moda.it/?option=com_k2&view=itemlist&task=user&id=90312.html
http://cantral4u.com/?option=com_k2&view=itemlist&task=user&id=16490.html
and so on...
Votes
Please close this.
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-06-22 09:35:03 |
| Closed_By | ⇒ | brianteeman |
Thanks for the quick response.
We are confident that the experts will know best, and it happen to be that
all websites are Joomla-based. I would be please to know where else to let this fixed... Some addon-developer maybe?
TBH, it looks to me that these websites have been hacked as I found weird urls in the page code, some short urls linking to sex sites, etc.
It is impossible to know why and how they have been hacked as it depends on the version they used (latest or older vulnerable ones) and their servers.
In any case, when I tested their download links, all directed me to a specific site where I had to get credentials to download.
What has joomla to do with this? Do you really think the CMS has a special code that let's this happen?
It does not make sense. And even more as K2 is a commonly used 3rd party Joomla extension which is not provided by OSM.