Results 1 to 10 of 10

Thread: Web page Defacement

  1. #1
    Site Administrator
    Murfman's Avatar
    Diamond Mine Champion!
    Fruit Twirls Champion!
    Queen Jewel Champion!

    Join Date
    Sep 2007
    Location
    Old Farm
    Posts
    13,218
    Post Thanks / Like

    Web page Defacement

    We were hacked by some guy who claims he is Yemeni. It appears to be just a simple web page defacement. If you see a pop up to install a media add in, don't click on it. It appears to be so you can see video but you never know if it has a malcious payload or not. The defacement only appears on the "FORUM" tab. I can navigate around to all the other tabs, with no problem. You can also navigate via the quick view window on the right. That is how I was able to post this up.

    Godaddy dot com is aware of this and Romebaby is going to work it when he can. Keep in mind, we may have to take this down and upload a back up. The back up is about 2-3 months old so all posts back to then would be lost. We are hoping to just repair this, as nothing more appears to be going on.
    The sea, once it casts its spell, holds one in its net of wonder forever. - Jacques Cousteau


    Wine is for wisdom, beer is for strength, but bourbon is the water of life.


    The New glass 300 build
    http://www.thescmas.com/forums/showt...ighlight=ghost

  2. #2
    Senior Member 89delta's Avatar

    Join Date
    Jul 2013
    Location
    Colorado Springs
    Posts
    960
    Post Thanks / Like
    Should be an easy fix by removing the coding to the link for the forums.

  3. #3
    Copepod Geek THEJRC's Avatar

    Join Date
    Sep 2007
    Location
    post modern suburbia
    Posts
    1,436
    Post Thanks / Like
    Worked with Murph yesterday on some post mortum, I've got some wonderful samples from this and have found the compromise indicators. Bumping this so people are aware, if you receive a software download window or outside link to an MP3 file do not click and please report that you received it so that the administrators know if there are still breadcrumbs.
    ~J


  4. #4
    Registered User Luke W.'s Avatar

    Join Date
    Jan 2013
    Location
    Black forest
    Posts
    700
    Post Thanks / Like
    I heave been getting those alot. I just got one a few mins ago

  5. #5
    Senior Member lsaint's Avatar

    Join Date
    Dec 2012
    Location
    Canon City
    Posts
    1,704
    Post Thanks / Like
    I never got any
    Sent from my HTC 8XT using Board Express

  6. #6
    Website Administrator
    Gomojoe's Avatar

    Join Date
    Apr 2009
    Location
    Colorado Springs, Colorado, United States
    Posts
    2,811
    Post Thanks / Like
    I'm working on getting the password for the vBulletin account so you guys can upgrade or at least get the newest version which might help with the hacking. I'm probably going to have to talk to them to retrieve it so I'll have to wait until tomorrow.
    -David!



  7. #7
    Site Administrator
    Murfman's Avatar
    Diamond Mine Champion!
    Fruit Twirls Champion!
    Queen Jewel Champion!

    Join Date
    Sep 2007
    Location
    Old Farm
    Posts
    13,218
    Post Thanks / Like
    Thanks, David.
    The sea, once it casts its spell, holds one in its net of wonder forever. - Jacques Cousteau


    Wine is for wisdom, beer is for strength, but bourbon is the water of life.


    The New glass 300 build
    http://www.thescmas.com/forums/showt...ighlight=ghost

  8. #8
    Senior Member

    Join Date
    Mar 2013
    Location
    Stratmoor
    Posts
    272
    Post Thanks / Like
    Quote Originally Posted by THEJRC View Post
    Worked with Murph yesterday on some post mortum, I've got some wonderful samples from this and have found the compromise indicators. Bumping this so people are aware, if you receive a software download window or outside link to an MP3 file do not click and please report that you received it so that the administrators know if there are still breadcrumbs.
    So does this mean that you think you fixed it?

  9. #9
    Site Administrator
    Murfman's Avatar
    Diamond Mine Champion!
    Fruit Twirls Champion!
    Queen Jewel Champion!

    Join Date
    Sep 2007
    Location
    Old Farm
    Posts
    13,218
    Post Thanks / Like
    Quote Originally Posted by imsolidstate View Post
    So does this mean that you think you fixed it?
    We took care of the defacement. Had a second even the day after, where another hacker created an admin account. We deleted him as well. We are working on getting upgraded to a newer version of vBulletin to take care of some of the backdoors.
    The sea, once it casts its spell, holds one in its net of wonder forever. - Jacques Cousteau


    Wine is for wisdom, beer is for strength, but bourbon is the water of life.


    The New glass 300 build
    http://www.thescmas.com/forums/showt...ighlight=ghost

  10. #10
    Senior Member

    Join Date
    Mar 2013
    Location
    Stratmoor
    Posts
    272
    Post Thanks / Like
    An upgrade would be advisable. You still have issues, I'll PM you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •