We have an older Joomla 2.5.? site on a shared host.
Our host emailed to say that the server was hacked and that our account was directly responsible (ish).
The hacker was attempting to turn the server into an IRC Daemon to join a botnet (as claimed by our hosting company).
This seems odd, as my limited understanding suggests that installing software into a server requires command prompt access.
Just want to see if it is possible / likely that an insecure version of Joomla could allow a hacker to compromise a server to the point where they could setup an IRC Daemon.
Or should I be chasing the hosting company to patch their server directly.