Joomla for Mobile has been hacked

I am currently having a problem with Joomla for Mobile on my site (free version). The desktop version of the site isn't affected only when I am viewing the site on a mobile device and Joomla for Mobile is turned on. It starts out OK then when I get to a specific article the content is replace with text that talks about online gambling sites and Viagra. It does the same thing when I direct the mobile version to the Elegance template or any other. When I back out of it the menu titles are replaced with the same Gambling and Viagra stuff. When I restore the website to a previous date the problem disappears and it takes a few days before it is corrupted again.

Is there a known vulnerability with Joomla for Mobile? I want to get the Joomla for Mobile pro version so I can have ipad support, will installing that fix the problem? Is there something I should do to before I install the pro version? If the pro version does not work can I get a refund?

What is URL of your website?

my url is kelonwamap.com

You asked me what is the url of my website that has been hacked and I mis spelled it. It is kelownamap.com

Did you try to run diff utility for backup and "hacked" site files? Is there a difference except of MJ installation? What 3rdparty extensions do you use? Did you download them from official websites?

I don;t know the DIFF UTILITY where can i get it.
I only use offcial download from joomla comunity sites

In most Linux distributives "diff" command is preinstalled. You can run it with "-r" parameter to compare directories recursively:

diff -r /path/to/dir1 /path/to/dir2

I'm also thinking of purchasing a pro version.
But I don't see satisfactory answers to this hacking issue. Is MJ prone to hacking? Are there issues one should be aware of? Are there ways to harden and MJ install?

tdellum

Joomla Team has special page to list all found vulnerabilities: docs.joomla.org/Vulnerable_Extensions_List
Mobile Joomla is not listed there.

The problem is that templates/<any template>/html/com_content/<any view directory> is a "standard" directory to put shell codes. If Mobile Joomla is not installed, hackers will use any of desktop template directories. These directories are not part of Joomla package, so reinstall Joomla keeping old templates doesn't remove shell code, and it is sufficiently nested, so that it is very unlikely that the shell will be found in manual mode.