Tweet
We've gotten a bunch of virus notices in the last 12 hours or so about the forum trying to load a malicious site. After doing some investigation it appears some malicious code was added to the forum that was causing a visitor to visit a 3rd party site in an invisible frame. This 3rd party site is listed on Google's Malware list, and most likely was trying to do what is referred to as a 'drive-by download'. Typically this would try to take advantage of known browser exploits to install software or a virus on your computer.
We have removed the offending code from the site and are now doing some forensic work on our server to see how this got added. From the initial investigation it does not appear that any of our accounts were compromised, and most likely this was added via an unknown exploit in the forum software itself. We are running the latest stable version of our forum, so we are currently working with the forum vendor to ascertain how this happened.
Who was affected? This was reported within the last 12 hours, so if you had not visited in that time you are most likely safe. This generally would target Windows computers through known exploits, so as long as your computer was up-to-date you should also not be at risk. From some of the reports I've gotten from our members it looks like this most likely targeted only Internet Explorer as well.
I'd like to thank everyone who sent me and BobD/Shannon notices about this, this really helps us respond as quickly to issues like this and get as much info as possible about them.
I'll update this thread with any new info I receive concerning this issue.
--Claudio
We have removed the offending code from the site and are now doing some forensic work on our server to see how this got added. From the initial investigation it does not appear that any of our accounts were compromised, and most likely this was added via an unknown exploit in the forum software itself. We are running the latest stable version of our forum, so we are currently working with the forum vendor to ascertain how this happened.
Who was affected? This was reported within the last 12 hours, so if you had not visited in that time you are most likely safe. This generally would target Windows computers through known exploits, so as long as your computer was up-to-date you should also not be at risk. From some of the reports I've gotten from our members it looks like this most likely targeted only Internet Explorer as well.
I'd like to thank everyone who sent me and BobD/Shannon notices about this, this really helps us respond as quickly to issues like this and get as much info as possible about them.
I'll update this thread with any new info I receive concerning this issue.
--Claudio
Comment