Hello,
What I did
Installed the latest version of Joomla with the VARSITA theme.
What happened
127727 spam e-mails were sent by the "com_tags" component.
What should have happened
Nothing should have been sent.
Other information
We offer optimized hosting, and a client who installed Joomla on his web space ended up with a problem. Thanks to the SPF, DKIM and DMARC set up on the server, we quickly noticed that the Joomla site, or rather the "com_tags" component, has a flaw and was used as an e-mail server to send spam to people...
See the rest here: https://www.facebook.com/frechinfoweb/posts/1197945480327986
Regards,
The FréchInfoWeb team
@FRECHINFOWEB it would be great if you could share any details you have with us.
Translation with google:
Other information
We offer optimized hosting, and a client who installed Joomla on his web space ended up with a problem. We quickly found, through the SPF, DKIM and DMARC installed on the server, that the Joomla site, or rather the "com_tags" component, has a flaw and was used as an e-mail server to send spam to people...
See more here: https://www.facebook.com/frechinfoweb/posts/1197945480327986
Regards,
The FréchInfoWeb team
It would be great if you could offer details about the problem, and not repeat what you have posted above.
What kind of information do you want?
Regards,
The FréchInfoWeb team
This is the only information I have:
I went through the mail logs and found that the directory "public_html/administrator/components/com_tags/helpers" has sent 127727 messages since the start of the log.
Priority | Critical | ⇒ | Medium |
Status | New | ⇒ | Discussion |
Status | Discussion | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2017-04-21 16:46:12 |
Closed_By | ⇒ | zero-24 |
In that folder there is just one single file: https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_tags/helpers/tags.php, which does nothing with mail sending.
This sounds more like a hack to me. Please contact someone that can help you with hacked websites. https://resources.joomla.org/en/category/joomla-security
If you need assistance with fixing your site, please contact the person or company that originally setup your site. If this is not an option, and you still require assistance, our resources site contains lists of possible consultants.
Please note: Joomla! and Open Source Matters, are not able to recommend a specific person, or company for assistance.
I'm closing this for that reason. Thanks for contacting us.
Understood,
That said, I am not the one who installed it, but going by the creation dates, everything was installed at the same time, and there are 3 files in this folder: the one you mentioned, but also "db78.php" and "index.html".
Regards,
The FréchInfoWeb team
yes this db78.php is not from the core. So it looks like you are hacked.
OK, thank you
@FRECHINFOWEB can you please write in English?
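As an added illustration (not part of the original thread, and not Joomla project code): the check behind the reply that db78.php "is not from the core" can be scripted by comparing a folder on the site with the same folder in a clean copy of the same Joomla release. It assumes such a clean copy is unpacked locally; the function names and the sample trees are constructed for this example.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    """Hash a file in chunks so large files do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def index_tree(root):
    """Map each file's path relative to root to its SHA-256."""
    index = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            index[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_of(full)
    return index


def compare_to_reference(site_root, reference_root, subdir=""):
    """Return (extra, modified) for subdir: files absent from the clean copy, files that differ."""
    site = index_tree(os.path.join(site_root, subdir))
    clean = index_tree(os.path.join(reference_root, subdir))
    extra = sorted(p for p in site if p not in clean)
    modified = sorted(p for p in site if p in clean and site[p] != clean[p])
    return extra, modified


def build_demo():
    """Constructed sample trees mirroring the folder discussed in the thread."""
    base = tempfile.mkdtemp()
    sub = "administrator/components/com_tags/helpers"
    trees = {"clean": ["tags.php"], "site": ["tags.php", "db78.php", "index.html"]}
    for tree, names in trees.items():
        os.makedirs(os.path.join(base, tree, sub))
        for name in names:
            with open(os.path.join(base, tree, sub, name), "w") as handle:
                handle.write("constructed placeholder for " + name + "\n")
    return os.path.join(base, "site"), os.path.join(base, "clean"), sub


if __name__ == "__main__":
    print(compare_to_reference(*build_demo()))
```

Files reported as extra or modified are candidates for review, and the scan is worth running over the whole site root rather than one folder, since an added file is rarely the only change.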