Dear All!
Our site was also hacked.
29th evening - some index.php/html files where replaced.
29th later evening - some more index.php/html files where replaced.
We tought that it is a "robot" that uses some kind a weakness. All passwords where replaced and software upgraded to the latest versions (where possible).
30th early morning - it was clear (according to logs), that it was not a "robot" but a human, who was quite freely changing files, making copies of files, etc. The access to the web was blocked by us, until we could find out what is the weak spot.
Later on 30th of September - We took some "drastic" measures (mainly by creative minds from http://www.flightsim.ee/) to protect our Servers (3-4 hrs of hard work). Sadly, I think that it can not be used for other VA-s, since we run phpvms only for "Intranet". Anyways, please contact us for more details, if You are interested, since I am not going to post the "trick" here. The system is up and running, files are cleaned, and everything restored - aircraft flying. The server log shows that there has been several attempts to re-hack without success, so far.
Those kids from Indonesia do not sleep, and it seems that a really huge amount of VA-s are down for now, and it is just stupid, to do it for competition. And I think that they will continue to "score" until the working patch is out.
http://flyjh.lennusimu.net