Announcement

Collapse
No announcement yet.

Virus FYI

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Virus FYI

    We've gotten a bunch of virus notices in the last 12 hours or so about the forum trying to load a malicious site. After doing some investigation it appears some malicious code was added to the forum that was causing a visitor to visit a 3rd party site in an invisible frame. This 3rd party site is listed on Google's Malware list, and most likely was trying to do what is referred to as a 'drive-by download'. Typically this would try to take advantage of known browser exploits to install software or a virus on your computer.

    We have removed the offending code from the site and are now doing some forensic work on our server to see how this got added. From the initial investigation it does not appear that any of our accounts were compromised, and most likely this was added via an unknown exploit in the forum software itself. We are running the latest stable version of our forum, so we are currently working with the forum vendor to ascertain how this happened.

    Who was affected? This was reported within the last 12 hours, so if you had not visited in that time you are most likely safe. This generally would target Windows computers through known exploits, so as long as your computer was up-to-date you should also not be at risk. From some of the reports I've gotten from our members it looks like this most likely targeted only Internet Explorer as well.

    I'd like to thank everyone who sent me and BobD/Shannon notices about this, this really helps us respond as quickly to issues like this and get as much info as possible about them.

    I'll update this thread with any new info I receive concerning this issue.

    --Claudio

  • #2
    Re: Virus FYI

    Just a detail about browsers affected, it was giving me the warning with Firefox and Safari as well if I remember well. (I never use IE...)

    Thanks for fixing it promptly.

    Gilles

    Comment


    • #3
      Re: Virus FYI

      There are users that have a web address as their log in name and spammers that have a web address in their profile. Seems like a way to download a virus.
      Bill K.
      Every day should be unwrapped like a precious gift.

      Comment


      • #4
        Re: Virus FYI

        Good point, Bill. It's always a good idea to stay away from any website you don't recognize. Luckily, spammers are usually obvious, so it's easy to stay away from their profiles.

        Bob

        Comment


        • #5
          Re: Virus FYI

          The warning I got was "Bloodhound.Exploit.193 was blocked".
          What I didn't realise was that it was coming from here as I was running a few things at once.
          I can happily tell you it didn't happen when I came here this morning (Aus time)

          Comment


          • #6
            Re: Virus FYI

            All good here, thanks for the heads up.

            Dave

            Comment


            • #7
              Re: Virus FYI

              I logged in this morning and my Virus software blocked 4 trojans that came to my PC. I found and deleted them. Thanks for the info.

              Comment


              • #8
                Re: Virus FYI

                AVG would not allow me to visit the site this morning - I was stopped several times in the time frame I later saw other people had posted.
                I ran AVG over and updated it (I do every day) and had no notification of having a virus myself.
                I understand nothing

                Comment

                Working...
                X