JohnD Posted July 4, 2006 Share Posted July 4, 2006 Our forum was exploited this evening by a Russian hacker that has been attacking Invision Power Board forums around the world. The nature of the exploit was a re-direction to a site that then attempted to load a WMF file that was executed by the local machine - normally those running Microsoft's Internet Explorer. Invision has released a patch to their software to resolve the exploit and we have applied that patch to the system. In addition, we have isolated and removed the code that was causing the re-direction - so you should not have any further problems with this issue. We do our best to keep the site updated with the most recent versions of the software and security patches - as they're made available from the developer. IPB is one of the more popular forum applications in the market - so it is a natural target for those that are trying to cause problems. The feature that permits the upload of avatars and picture files is one of the most common ways that these sorts of exploits are accomplished. So, for that reason - I am disabling the ability to upload files/graphics to the system. We're going to look for ways to restore the feature - but in a more secure fashion. Hopefully, we'll have that solution in the near term .... however, the security of the DCP forums and your systems will be our first priority. I'm sorry for the inconvenience this may have caused. PLEASE be sure to keep your virus software/definitions up-to-date .... and we suggest the use of Mozilla FireFox as a web browser over Internet Explorer. Thank you for your patience and support. -john Quote Link to comment Share on other sites More sharing options...
Toby Posted July 4, 2006 Share Posted July 4, 2006 Glad you caught it early, John. Could've been really messy. Quote Link to comment Share on other sites More sharing options...
JMS0527 Posted July 4, 2006 Share Posted July 4, 2006 Thanks for the prompt addressing of the problem! :) Quote Link to comment Share on other sites More sharing options...
Jeff Ream Posted July 4, 2006 Share Posted July 4, 2006 imagine it had been finals week! Quote Link to comment Share on other sites More sharing options...
Toby Posted July 4, 2006 Share Posted July 4, 2006 imagine it had been finals week! DCA? :P I'd also like to thank some other folks who got word around to those they knew about staying off for a little bit. Probably helped save some computers from going to the big motherboard in the sky. Quote Link to comment Share on other sites More sharing options...
Eddie Posted July 4, 2006 Share Posted July 4, 2006 that could caused a really ugly mess. Good to know things are still okay :) Quote Link to comment Share on other sites More sharing options...
GmenBari78 Posted July 4, 2006 Share Posted July 4, 2006 Thanks for the announcement. McAfee caught the exploit when I browsed to DCP last night and told me I had a trojan that it killed before it got to me. It scared the #### out of me, I thought my system was a goner. Thanks for letting me know what happened. Fortunately I was on Firefox, not IE! Firefox actually popped up a download to download the WMF file, but it never showed the OK button, just greyed out, so I never got the exploit downloaded. McAfee must have been blocking it from coming down. I think even with Firefox, it looks like you would not have been totally safe without an anti-virus blocking it! Anyway, I also cleared out my browser cache totally and erased all those files from the disk, just to be sure. If DCP is interested, I still have the history.dat file in Firefox, I kept it with the info of where the browser tried to go via the exploit, if you need it for tracing the criminals. Quote Link to comment Share on other sites More sharing options...
S. Pearson Posted July 4, 2006 Share Posted July 4, 2006 Thanks for the announcement. McAfee caught the exploit when I browsed to DCP last night and told me I had a trojan that it killed before it got to me. It scared the #### out of me, I thought my system was a goner. Thanks for letting me know what happened. Fortunately I was on Firefox, not IE! Firefox actually popped up a download to download the WMF file, but it never showed the OK button, just greyed out, so I never got the exploit downloaded. McAfee must have been blocking it from coming down. I think even with Firefox, it looks like you would not have been totally safe without an anti-virus blocking it! Anyway, I also cleared out my browser cache totally and erased all those files from the disk, just to be sure.If DCP is interested, I still have the history.dat file in Firefox, I kept it with the info of where the browser tried to go via the exploit, if you need it for tracing the criminals. Norton also caught it! You MAC people are smiling today, aren't you? I can feel it! :) Quote Link to comment Share on other sites More sharing options...
George Posted July 4, 2006 Share Posted July 4, 2006 John - terrific job in handling this so quickly for all of us! Thanks so much - superb service & communication - per usual :) George Quote Link to comment Share on other sites More sharing options...
BariEuph Posted July 4, 2006 Share Posted July 4, 2006 You MAC people are smiling today, aren't you? I can feel it! :) b**bs b**bs b**bs Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.