Pete Posted May 8, 2006

Yesterday, an exploit in our forum software allowed a malicious script to alter the templates and cause a script to run for every visitor viewing the forums using Internet Explorer at that time. We are therefore advising that anyone who has visited the forum in the past 48 hours should run a virus scan on their system to see if anything has infected their system. It seems that only visitors using Internet Explorer were affected as this particular browser has security issues that Microsoft have not yet patched.

Also, the attack allowed the script in question to abuse the Mass Email feature of our forum software and as a result many members will have received an email from admin@strategycore.co.uk

Delete this email

This is not a real email account and unfortunately the security hole was big enough to allow the script to send a rather legitimate-looking email to many users.

The security hole has since been patched and we can only apologise for the inconvenience and recommend that all visitors to any website on the internet be vigilant and have an up-to-date antivirus system installed on their PC.
Pete Posted May 8, 2006 (Author)

As an addendum to the main post above, I'm making a suggestion regarding internet browsers below. I didn't want to make it sound like I'm lecturing, so this is merely some free advice which you may be interested in.

Internet Explorer is, whilst the easiest choice for an internet browser as it is pre-installed with the operating system, full of bugs and not a good choice for an internet browser if you are concerned about the security of your PC. Two excellent and very secure alternatives are: Firefox and Opera
Bomb Bloke Posted May 8, 2006

Given that the nature of attacks against our users tends to be Java based, I would also recommend keeping your VM up to date.
Kernel Posted May 9, 2006

"It seems that only visitors using Internet Explorer were affected as this particular browser has security issues that Microsoft have not yet patched."

Well that's MS for ya.
uriaheep Posted May 9, 2006

Ahhh, I was attacked and I'm using Firefox. I've got OE though. I managed to spot it fairly quick though.
Praetoris Posted May 9, 2006

The mail sent out was a bit too obvious for me to fall for. No greetings, no content, no nothing. Just this sentence and a link to an *.exe file: "We have made a small tool for our site, I think you will guess what to do with it...."

While on the subject of browsers I thought this could be interesting to you: https://www.thecounter.com/stats/2006/April/browser.php

There are also some other neat stats on that site if you click around for a bit.
Pete Posted May 9, 2006 (Author)

Hmm, that's odd because the W3C website (I've lost the link to the stats at the mo) had Firefox at 25% of the market.

Good to see you two were quick off the mark though
Praetoris Posted May 9, 2006

I think the stats are based only off sites that have a membership or something with the counter, I'm not entirely sure but the stats are still pretty clear. IE dominates the market...sadly
uriaheep Posted May 9, 2006

I have this address that the file links to - *https://traffweb.biz/* Not sure if it ties in but it calls itself a test page for the Apache HTTP Server.
Pete Posted May 9, 2006 (Author)

It's possible that it's masquerading as a test page or the person's webhost has taken the site offline. Either way I'd avoid it, but cheers for the info
Space Voyager Posted May 10, 2006

Look at the bright side of IE - with such a prevailing chunk of the pie it's also (almost) the only target. Nobody is going to waste his/her energy (if you don't consider creating viruses a total waste of energy in itself) for 8% if they can hurt 90...