As with all web applications, it is important to keep current with application updates and security patches. This is especially true for CMS and E-Commerce applications that are widely used on the Internet like DNN. These solutions have a large install base and because of this hackers will target vulnerabilities in these solutions to get maximum exposure for their hacks.
If you use a commercial or open-source application we recommend subscribing to any notification channel they offer (mailing lists, rss feeds, twitter, etc) so that you can be notified of important updates in real time. Once a vulnerability is made public, exploits are often developed and used to systematically exploit affected web sites.
Because of the large number of websites we host around specific applications (in this case DNN), it’s not uncommon for us to notice a pattern of attacks happening fairly early on. It also helps that we deploy a centralized malware protection solution on all of our servers and monitor it closely for potentially compromised websites.
DNN versions 7.4.1 and prior contain a seriously vulnerability that can allow a malicious actor to log in to your site as an administrator user. DNN Corp published a bulletin last year before there were updates available detailing a workaround to secure the site (http://www.dnnsoftware.com/community-blog/cid/155198/workaround-for-potential-security-issue)
The current version of DNN as of this writing is 8.0.2, so we recommend upgrading to the latest version if possible, as the latest release contains additional security updates. If upgrading immediately is not an option then we recommend mitigating the problem using the steps DNN Corp published on their web site at the above link.
Again, it is important to regularly update your web application including any plugins/modules/themes. If this isn’t something you directly handle you’ll want to involve your developer to assist with the upgrade. Be sure to back up your database and web site first in case of any issues. If you require assistance with backing up your site please contact our Support Team.
We would like to thank Mitchel Seller of Iowa Computer Gurus, who works with many of our clients, for putting together a blog post on his web site explaining the issue at http://mitchelsellers.com/blogs/2016/05/25/dnn-security-alert-rogue-host-users.aspx and helping to identify the this particular vector of attack. If you are in need of a DNN developer, Mitchel is a DNN MVP and his company web site is at http://www.iowacomputergurus.com and we can’t speak highly enough about him, his services and the value he brings to the DNN community on a whole.