The Furious Angels
Staff and News => News and Announcements => Topic started by: Lithium on July 07, 2012, 07:07:55 pm
-
I just wanted to make a post to acknowledge that our site has experienced two malware hack attacks. These attacks do not appear to be aimed exclusively at us. Rather, they are server wide. My server admin is aware and working to resolve this from occurring again.
-
Damn Illuminati.
-
Have you heard about this? Could be related:
http://news.discovery.com/tech/dns-changer-fbi-warning-july-9-doomsday-120426.html
-
That's a DNS hijacker Tett, was big enough that the FBI got involved. This right here's what we call trojan, some foolish pokey probably thought he'd come waltzin' in with his creeper-toe flashdrive, send the whole place a-blazin'.
-
It just happened again. Unfortunately, it is beginning to look more and more likely that the attacker is using some sort of exploit with our 'antiquated' forum/cms software. I will continue to monitor for the injection and try to find the root cause.
-
Just wondering if this has potential to put a virus on your computer? Mine just got one today when I went to our website.. Had to take some serious action to restore my setup to working status. It was some sort of trojan..
-
AVG seems to pick up on the code injection right away, keep a sharp eye though.
-
Chrome is doing the whole "Malware Detected On This Page" thing now.
-
Well we saw this coming. :/
-
Actually, it wasn't our software. Appears an FTP password was cracked/stolen.
The warning is not valid and only occurs on the 'www.' domain of the site. It appears google has flagged us as dangerous for the time being.
-
It appears google has flagged us as dangerous
Google is right.
-
Yeah, from their Webmaster tools it warned me and you can appeal it and it should go away soon.
-
I was actually just making a joke. Like, we're dangerous, so people better step off or step up.
-
So... the website is safe at this point though, right? I haven't noticed any pop-ups or alerts from my browser or virus scanner.
-
Yes, we should be in the all clear. As it turns out this was a simple FTP account hack which has now been thwarted. Luckily, the damage was light. It could have been much more destructive.
-
What exactly was the payload?
-
whos ftp account was it? Don't let it be mine...
-
No worries, wasn't your account.
It injected certain .html, .htaccess, and .php files with an inline frame to a malware site.