The Furious Angels

Staff and News => News and Announcements => Topic started by: Lithium on July 07, 2012, 07:07:55 pm

Title: Website Hackings
Post by: Lithium on July 07, 2012, 07:07:55 pm
I just wanted to make a post to acknowledge that our site has experienced two malware hack attacks. These attacks do not appear to be aimed exclusively at us. Rather, they are server wide. My server admin is aware and working to resolve this from occurring again.
Title: Re: Website Hackings
Post by: Manic Velocity on July 07, 2012, 09:52:35 pm
Damn Illuminati.
Title: Re: Website Hackings
Post by: Tett on July 08, 2012, 01:39:52 am
Have you heard about this? Could be related:

http://news.discovery.com/tech/dns-changer-fbi-warning-july-9-doomsday-120426.html
Title: Re: Website Hackings
Post by: Sared on July 08, 2012, 12:03:17 pm
That's a DNS hijacker Tett, was big enough that the FBI got involved. This right here's what we call trojan, some foolish pokey probably thought he'd come waltzin' in with his creeper-toe flashdrive, send the whole place a-blazin'.
Title: Re: Website Hackings
Post by: Lithium on July 08, 2012, 09:06:07 pm
It just happened again. Unfortunately, it is beginning to look more and more likely that the attacker is using some sort of exploit with our 'antiquated' forum/cms software. I will continue to monitor for the injection and try to find the root cause.
Title: Re: Website Hackings
Post by: Saint on July 08, 2012, 10:16:21 pm
Just wondering if this has potential to put a virus on your computer?  Mine just got one today when I went to our website..   Had to take some serious action to restore my setup to working status.  It was some sort of trojan..
Title: Re: Website Hackings
Post by: Sared on July 08, 2012, 10:27:05 pm
AVG seems to pick up on the code injection right away, keep a sharp eye though.
Title: Re: Website Hackings
Post by: Tecknik on July 09, 2012, 10:38:33 am
Chrome is doing the whole "Malware Detected On This Page" thing now.
Title: Re: Website Hackings
Post by: likwidtek on July 09, 2012, 12:01:02 pm
Well we saw this coming. :/
Title: Re: Website Hackings
Post by: Lithium on July 09, 2012, 12:23:09 pm
Actually, it wasn't our software. Appears an FTP password was cracked/stolen.

The warning is not valid and only occurs on the 'www.' domain of the site. It appears google has flagged us as dangerous for the time being.
Title: Re: Website Hackings
Post by: Manic Velocity on July 09, 2012, 12:37:35 pm
Quote from: "Lithium"
It appears google has flagged us as dangerous


Google is right.
Title: Re: Website Hackings
Post by: Lithium on July 09, 2012, 01:02:40 pm
Yeah, from their Webmaster tools it warned me and you can appeal it and it should go away soon.
Title: Re: Website Hackings
Post by: Manic Velocity on July 09, 2012, 01:06:49 pm
I was actually just making a joke.  Like, we're dangerous, so people better step off or step up.
Title: Re: Website Hackings
Post by: ZephixLeer (Zephic) on July 09, 2012, 09:10:29 pm
So... the website is safe at this point though, right? I haven't noticed any pop-ups or alerts from my browser or virus scanner.
Title: Re: Website Hackings
Post by: Lithium on July 10, 2012, 01:26:41 am
Yes, we should be in the all clear. As it turns out this was a simple FTP account hack which has now been thwarted. Luckily, the damage was light. It could have been much more destructive.
Title: Re: Website Hackings
Post by: likwidtek on July 10, 2012, 11:46:06 am
What exactly was the payload?
Title: Re: Website Hackings
Post by: Ash on July 10, 2012, 12:28:57 pm
whos ftp account was it?  Don't let it be mine...
Title: Re: Website Hackings
Post by: Lithium on July 10, 2012, 12:40:48 pm
No worries, wasn't your account.

It injected certain .html, .htaccess, and .php files with an inline frame to a malware site.
SimplePortal 2.3.8 © 2008-2024, SimplePortal