My brand new joomla site got hacked!

Do you know how they did it?

They added a lot of folder and files that forward us to pop-up windows and russian pages. I talked to the host now. Usually the problem is outdated joomla site or plugins, but I din't think anything was outdated, except a form I used in Iframe from joomla..

We don't know what it is. They couldn't see anything from the log. I will download latest joomla files (done this before...) and move the files I need from the hacked site, make new forms and make a new ftp password. I'm glad the forum is safe

seems from a quick google search it happens quite a lot most likely it is sql injection using non sanitised forms somewhere

A lot of added files everywhere and also the database is hacked

Must be the forms. Asp files that posted to a access database.

I feel your pain, we had a similar issue with Snitz a few years ago, took ages to sort it out