Was I hacked?

I had a Boat Buildihg phorum forrum for many years, with something like 20,000 posts.
At its high point I got as many as 10 posts a day.

Traffic gradually plunged to near zero. Why is not clear. Perhaps it had something to do with similar groups on Facebook etc.

I turned it off for about a year. Now I want to bring it back.
I loaded a daatabase with a mysql dump. What I see is an empty forum, even though--when I use a terminal to log into the mysql databae select count(message_id) from phorum_messages shows 22293 messages.

But the page display for that forum shows 0

I also found, in phorum messages, the following:

I have backed up all your databases. To recover them you must pay 0.0135 Bitcoin to this address: 1FobWASbipzwqWK21D8mBLe4ysDPXjQqD1. Backup list: montana_mrblogins, montana_phorum, mrblogins. After your payment email me at rdatabase.2104@onionmail.org with your server IP (64.202.188.192) and transaction ID. Emails without transaction ID will be ignored.



Edited 1 time(s). Last edit at 07/14/2023 12:43AM by salmobytes.

To Start... on a local machine.
Use a backup of the backup.
Extract the backup from the dump file (??????????_xxxxxxxx_2015_11_13_21_13.sql.gz.)
Open the xxxxx.SQL file in "Textpad" or "Notepad++ , or equivalent, not Windows "Notepad".
Don't turn word wrap on.

The file should be readable for the most part
Locate the line

Quote

--
-- Data for Table `Your Prefix_messages`
--

Scroll down

Quote

INSERT INTO `Your Prefix_messages`

The line after should be a message.
See photo sample. Most of it should be readable, if it is not check a few more messages.

If the dump file is readable there could be other issues.