Last night I was contacted by Fenway in regards to the issue posted in this topic. I was away from the computer but within minutes I got in contact with Josh, who then looked further into the issue.
It turns out that someone managed to gain unauthorized access to our host directory and uploaded a few spammy files that were causing redirection to another spam website. This person also modified a few .htaccess files, which dictate how your browser navigates through the site when you visit it.
Two of the pages (which we have now removed) that were added by the attacker were were:
From what I can see, it doesn't sound like many people were actually affected by the redirection. This makes me believe that the attack was likely carried out by a bot who just attempted to brute force its way into our ftp accounts (and succeeded), and then automatically uploaded the files.
In response to this issue we have:
- Removed the malicious files
- Fixed the behavior of our .htaccess files
- Changed all of the passwords to our FTP accounts
- Contacted Hostgator (our host company) and requested a security scan of our website
There are a few other measures I plan on taking to help ensure this type of thing doesn't happen again. In addition to this, as far as I can tell, our database was not compromised and user accounts, passwords, emails, etc. should still be 100% safe.
All in all, this issue could have been a lot more serious but we managed to catch and repair it relatively quickly. I would also like to thank UrASmurf for reporting the problem and Josh for taking time to resolve it.