I installed Mobile Joomla a year ago and apply al updates, but lately i have experienced regulary phishing on my website www.grassere.nl in the mobile Joomla module in the Iphone directory.


I use joomla 2.5.14. My hoster is not amussed of course. Can you advise me what to do.

What kind of phishing do you mean?
(I get 'Access forbidden' on the website)

Somebody puts files in www/htdocs/grassere/templates/mobile_iphone/html/com_content/category
. The hosting company took the site off line because of this, i'm now checking my pc and the FTP on more mallware. I keep my joomla site up to date a good as possible

MobileJoomla uses JFile::write method to save its settings and to create rescaled images only. I've checked that in the first case the filepath is hardcoded, and in the latter case there is no way to save non-image data. Most likely you have vulnerability in a 3rdparty extensions, and hacker tries to point you to the wrong direction to hide way of attack.

I would get access_log and look at POST requests, maybe there will be a hint.