I recently discovered that my school's site has been hacked, our config.php is full of anchor links to online meds, there are lord knows how many "new" users all with very questionable content in their profiles and there are hundreds of pages of html inserted into a folder in my www directory, all about, you guessed it, online meds. *sigh*
EDIT: I have read through some of the other posting here and notice that I have the same Hackcheckstr problem as this posting here: http://moodle.org/mod/forum/discuss.php?d=115416
I have currently:
- Switched the site into maintenance mode
- I'm downloading the whole site locally in case they have access to the whole directory etc
- I've backed up and downloaded the database locally
What I'd like to ask you guys is what should I do next?
Thanks in advance for any help, suggestions or advice.