- Created on Saturday, 26 February 2011 18:28
Recently our site got jeopardized and Xmap's installation package was infected with malicious code. We replaced the infected file as soon as we received the notification from the Joomla Extension Directory (JED) team about the problem.
The infected installation package was online for two days (Feb 21st - Feb 23rd) so if you downloaded it between those days we strongly suggest you to uninstall and reinstall it as soon as possible, and perform a full site scan to find any possible malicious code.
We have allocated the clean packages in the JoomlaCode project for security reasons.
In order to know if you have installed an infected version of Xmap, take a look at the file /administrator/components/com_xmap/install.xmap.php
If the first line starts with the following piece of code then you have installed an infected version of Xmap.
Also, check if there is a file called theme.php in the folder: /components/com_xmap/cache/
If you have installed the infected package, it's recommended to restore your site with a backup made before the installation and change all the related passwords. If you don't have a backup, then reinstall everything from scratch.
We have made a full re-installation of our site and removed all the malicious code from it and we have taken some extra security measures. We are really sorry for all the problems this may have caused you.