forums.bizhat.com got hacked

I was out for a few days; on getting back I found that http://forums.bizhat.com and http://forums.bizbeginners.biz had been hacked.

Both forums were using phpBB 2.0.15, which had a bug. Since I was out, I could not upgrade phpBB, and that let the hacker in. Anyway, I have deleted all files of http://forums.bizbeginners.biz and moved it to http://bizbeginners.netfreehost.com, so I don't have to upgrade the forum every time phpBB releases a new version. Upgrading the multiforum will do.

On the BizHat.com forum, the hacker uploaded some PHP shell-type scripts and one zip file of around 30 MB, unzipped it and shared the content, mostly mp3 files.

I have deleted all his files and upgraded phpBB to the latest version.

After a few days, the forum (http://forums.bizhat.com) was hacked again. The hacker deleted two sub forums and a lot of posts. I later found that the hacker got in through a phpBB toolkit I had installed; when he was in, he had noted the password and used that password to gain access. I forgot to change its password after the hacking.

Now the phpBB MySQL user is deleted, and all users with access host % are also removed, so MySQL can be connected to only from localhost. A new phpBB MySQL user is created and a new version of phpBB from www.phpbb.com uploaded. All new files. The forum is back online.

A few days of hard work…. a reminder to keep hackers (any fool can get in, if there is a hole) away.
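The cleanup above relied on deleting the intruder's files by hand and then re-uploading a fresh phpBB. As an added example (not part of the original post and not phpBB code), the sketch below compares a live forum directory against a clean release tree and lists files the release does not account for. The function names, the `expected_local` list and the sample file names are assumptions made for illustration.

```python
import hashlib
import os
import tempfile


def tree_hashes(root):
    """Map every file path (relative to root) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            digests[os.path.relpath(full, root).replace(os.sep, "/")] = h.hexdigest()
    return digests


def compare_to_release(clean_root, live_root, expected_local=("config.php",)):
    """List live files that the clean release does not account for."""
    clean, live = tree_hashes(clean_root), tree_hashes(live_root)
    # expected_local: site-specific files that legitimately differ (assumed list).
    unexplained = {p: d for p, d in live.items() if p not in expected_local}
    return {
        "added": sorted(p for p in unexplained if p not in clean),
        "modified": sorted(p for p, d in unexplained.items() if p in clean and clean[p] != d),
        "missing": sorted(p for p in clean if p not in live),
    }


def build_sample(base):
    """Write two small constructed trees under base; contents are placeholders."""
    trees = {
        "clean": {"index.php": "release index", "viewtopic.php": "release viewtopic",
                  "includes/functions.php": "release functions"},
        "live": {"index.php": "release index", "viewtopic.php": "edited viewtopic",
                 "config.php": "site settings", "images/tool.php": "unknown script",
                 "files.zip": "unknown archive"},
    }
    for tree, files in trees.items():
        for rel, body in files.items():
            path = os.path.join(base, tree, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
    return os.path.join(base, "clean"), os.path.join(base, "live")


if __name__ == "__main__":
    clean_dir, live_dir = build_sample(tempfile.mkdtemp())
    for kind, paths in compare_to_release(clean_dir, live_dir).items():
        print(kind, paths)
```

Legitimate user uploads such as avatars will also show up under "added", so anything listed there needs a manual look before it is deleted or kept.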