Forums Hacked

[Pete]

Yesterday, an exploit in our forum software allowed a malicious script to alter the templates and cause a script to run for every visitor viewing the forums using Internet Explorer at that time.

 

We are therefore advising that anyone who has visited the forum in the past 48 hours should run a virus scan on their system to see if anything has infected their system. It seems that only visitors using Internet Explorer were affected as this particular browser has security issues that Microsoft have not yet patched.

 

Also, the attack allowed the script in question to abuse the Mass Email feature of our forum software and as a result many members will have received an email from admin@strategycore.co.uk

 

Delete this email

 

This is not a real email account and unfortunately the security hole was big enough to allow the script to send a rather legitimate-looking email to many users.

 

The security hole has since been patched and we can only apologise for the inconvenience and recommend that all visitors to any website on the internet be vigilant and have an up-to-date antivirus system installed on their PC.

[Pete]

As an addendum to the main post above, I'm making a suggestion regarding internet browsers below.

 

I didn't want to make it sound like I'm lecturing, so this is merely some free advice which you may be interested in.

 

Internet Explorer is, whilst the easiest choice for an internet browser as it is pre-installed with the operating system, full of bugs and not a good choice for an internet browser if you are concerned about the security of your PC.

 

Two excellent and very secure alternatives are: Firefox and Opera

[Bomb Bloke]

Given that the nature of attacks against our users tends to be Java based, I would also recommend keeping your VM up to date.

[Kernel]

It seems that only visitors using Internet Explorer were affected as this particular browser has security issues that Microsoft have not yet patched.

 

Well that's MS for ya.

[uriaheep]

Ahhh, I was attacked and I'm using Firefox. I've got OE though. I managed to spot it faily quick though.

[Praetoris]

The mail sent out was a bit too obvious for me to fall for. no greetings, no content, no nothing.

 

Just this sentence and a link to an *.exe file:

"We have made a small tool for our site, I think you will guess what to do with it...."

 

 

While on the subject of browsers I thought this could be interesting to you:

 

https://www.thecounter.com/stats/2006/April/browser.php

 

There are also some other neat stats on that site if you click around for a bit.

[Pete]

Hmm, that's odd because the W3C website (I've lost the link to the stats at the mo) had Firefox at 25% of the market.

 

Good to see you two were quick off the mark though

[Praetoris]

I think the stats are based only off sites that has a membershp or something with the counter, I'm not entirely sure but the stats are still pretty clear.

 

IE dominates the market...sadly

[uriaheep]

I have this address that the file links too - *https://traffweb.biz/*

 

Not sure if it ties in but it calls itself a test page for the Apache HTTP Server.

[Pete]

It's possible that it's masquerading as a test page or the person's webhost has taken the site offline.

 

Either way I'd avoid it, but cheers for the info

[Space Voyager]

Look at the bright side of IE - with such a prevailing chunk of the pie it's also (almost) the only target. Nobody is going to waste his/her energy (if you don't consider creating viruses a total waste of energy in itself) for 8% if they can hurt 90...