| Author |
Message |
|
HunterKiller
|
Post subject: UV Forum Attacked?  Posted: Thu Apr 08, 2010 12:00 pm |
|
Joined: Mon May 05, 2008 5:44 am
Posts: 835
|
I don't know what's going on but, I cannot log in or reach the Portal of your forum due to AVG blocking some sort of attack.
Here's the messages I got;
First try
Second try
This is what I got as well.
I managed to log in but when trying to surf the forum, I got that message. Even though it was blocked from hurting me, it's still not letting me do anything on the forum. The url has the UV in it. I've been scanning all morning and nothing's in my system at all. I use several types of scanning programs provided by Microsoft too.
Last edited by HunterKiller on Thu Apr 08, 2010 4:10 pm, edited 1 time in total.
|
|
  |
|
 |
|
Soupman
|
Post subject: Posted: Thu Apr 08, 2010 1:17 pm |
|
Joined: Sun Jan 06, 2008 3:44 pm
Posts: 739
|
|
Site Appears to have been hacked - Not Sure From Where or Who at this point
Our Provider is Investigating.. The main problem of course is PHPBB2 Ver .21 appears to Be Easily Attacked
i Am Working with them to Harden Security And look at inserting the DB into a More Secure Piece of Software
i will take it offline until we Either Fix the security issue or Move to Better software,, Most likely i will update the UV and this site to New Software
The UV Site has been taken Offline by me
Soup
|
|
| |
|
|
|
HunterKiller
|
Post subject: Posted: Thu Apr 08, 2010 4:07 pm |
|
Joined: Mon May 05, 2008 5:44 am
Posts: 835
|
I was thinking it may have been through a link dealing with FF but after scanning for all types of suffixes ( per;.us, .to, .com, etc...etc...) and other Heuristics, it shows nothing on my system still so, I went to a neighbors house and tried to access the forum and it was still appearing with the same message.
I scanned my Firefox .exe and nothing showing up in there at all.
FF done away with the phpBB 2.0 forums due to it using HTML Codes and it's vulnerabilities of getting hacked. phpBB no longer supports 2.0/html and all their hosted sites have been converted to the upgraded 3.0.
Good luck and 2by2 should be able to take care of it soon enough. They're a good bunch of people. I have conversed with them by land line before. 
|
|
| |
|
|
|
DwnUndr
|
Post subject: Posted: Thu Apr 08, 2010 9:02 pm |
|
Joined: Sun Jan 06, 2008 4:53 pm
Posts: 1053
|
|
We know of another site that apparently had the same kind of attack a few days earlier. Since it was not related to Freelancer I don't think other communities here should worry about attacks.
It just seems to be some random kook.
_________________
http://FreelancerCommunity.net
http://UnderVerse.us
|
|
| |
|
|
|
HunterKiller
|
Post subject: Posted: Thu Apr 08, 2010 9:09 pm |
|
Joined: Mon May 05, 2008 5:44 am
Posts: 835
|
Well, I think the virus is in he go to links like the view latest posts link. under the avatar in the portal and when using the go to post link next to a users name on the forum.
ex: View posts since last visit (2)
Each time I used one of those type link, the warning pops up. 
|
|
| |
|
|
|
Soupman
|
Post subject: Posted: Fri Apr 09, 2010 2:09 pm |
|
Joined: Sun Jan 06, 2008 3:44 pm
Posts: 739
|
|
Found One last Entry in The Root
Its been Removed ,,, Tested
Seems like ive Fixed it .. Lemme Know
oh BTW The IP of the Attacker traced to Russia
195.2.253.42
it has been added to The Our IP deny list For the Site
|
|
| |
|
|
|
HunterKiller
|
Post subject: Posted: Fri Apr 09, 2010 3:00 pm |
|
Joined: Mon May 05, 2008 5:44 am
Posts: 835
|
I checked all the forum links a few minutes ago and all seems to be back to normal, good job. 
|
|
| |
|
|
|
DwnUndr
|
Post subject: Posted: Fri Apr 09, 2010 8:52 pm |
|
Joined: Sun Jan 06, 2008 4:53 pm
Posts: 1053
|
|
Nice work Soupman!
_________________
http://FreelancerCommunity.net
http://UnderVerse.us
|
|
| |
|
|
|
