Compromised Joomla Site
On Friday someone managed to compromise the server and install something that spam emails Amazon.com and puts the server load up to 75-80%.
This kills the server so nothing runs, and I am being bombarded by my web host to sort the problem fast!
We have detected the compromised accounts, and all 3 are running off Joomla, and more importantly, all 3 are running the same Gallery plugin.
We have found the injected script and we are looking for someone that is able to remove the hack, and more importantly fix the security hole.
Thank you for your time