Jump to content
Sign in to follow this  
Lufty

Outage on the Forum

Recommended Posts

Dear All

 

I am really sorry and indeed sad to inform you all that this forum was hacked into last night and a trojan program maliciously installed on the site.

 

At approximately 21:20 on Sunday 21st May 2006 we became aware of the problem and I immediately took steps to shut the forum down to prevent any further damage to the site and to forum members own computers.

 

Most antivirus software will have detected and dealt with the trojan however now is a good time to run a complete virus scan on your computer and also ensure your antivirus and antispyware software is up to date and functioning correctly !!!

 

At first glance it looks to be the work of a Russian hacker however it was more important to preserve the integrity of the site and the forum members own computers than preserve the evidence of the hack.

 

In restoring the site I have taken the opportunity to install the latest version of the forum software along with a security patch which might prevent further hacking.

 

Please immediately notify the moderators on this site if you notice anything suspicious. You can contact all moderators by sending an email to moderators@asd-forum.org.uk.

 

Kind regards

 

 

 

Lufty

Share this post


Link to post
Share on other sites

That is just dreadful,what sad people,what would they gain from that? :angry:

 

Thankyou Lufty :wub:

Share this post


Link to post
Share on other sites

Nels,

 

Kris would have loved to have helped, but after his own computer crashed because of the hacker, it was over to Lufty!!

 

LOL,,,if it can happen to an IT genius, it can happen to anyone, I suppose! :P

 

Kris' computer is well now though, too! :notworthy: Don't know how you both manage this IT malarky!! Waaaaaaaaaayyy beyond me!!

 

Love Elefan

xx

Share this post


Link to post
Share on other sites

Thanks :notworthy:

 

My anti virus picked it up, all of a sudden I heard this siren, and thought what the hell is that :blink:

 

Had to get hubby on the case as I'm not too hot with comps :unsure: .

 

Thanks Lufty, this forum is very important to alot of people :notworthy: .

 

Brook

Share this post


Link to post
Share on other sites

Hi Thanks :notworthy: for sorting it was getting worried can't live without this site it's my safety blanket.My anti virus alerted me to the trojen twice :crying: hell it was scarry there are some people out there who should go bug someone else and leave us be on the site.

 

Lisa

Share this post


Link to post
Share on other sites

Hi all -

 

well done lufty... Unfortunately I got bitten too, but i THINK I'm ok now :unsure::unsure:

 

FWIW : AVG found

 

2 instances of a trojan 'Downloader agent 13.A1

2 " of virus Exploit cve-2005-1790

 

and about 6 or 7 'bits' of 'Java Byte Verify Exploit'...

 

I guess the number of 'instances' depends on how quickly you got offline when it hit? So maybe others will have more/less(?)

 

The 'java bite verify' exploit is a bit more complicated, as AVG couldn't delete them as 'embedded files'... If anyone else is still struggling, the AVG website has details for deleteing the exploit through the Java Control centre 'cache' (if you have it) or manually deleting...

 

I'm still nervous that 'bits' might still be floating about - so anyone with more info might want to post here...

 

L&P

 

BD

 

and thanks again 'techies' :thumbs::thumbs:

Share this post


Link to post
Share on other sites

Thanks Lufty for responding to my email.......I left sensory questionnaire and bedlam broke out, got access denied.....and thought I'd done "something" to crash the site....was worried for hours.......thinking oh no, I've been banned......... :(

Share this post


Link to post
Share on other sites

a TECHIE question...

 

I'm probably just paranoid, but being a bear of very little brain when it comes to the whole buggy/internetty thing...

 

When I came online AFTER clearing the horrid little virussy things from my pc (?), the little yellow 'shield' logo appeared in my tray saying updates are ready for your computer... it APPEARS to be the genuine Microsoft update, and APPEARS to be pointing to a genuine update of the XP verification wotsit, but the timing makes me nervous

 

I've been to the update site directly (not through the tray icon) and the verification thingy IS listed as a valid update for my system - but i don't want the ###### thing on principal!

 

Anyone else get this icon pop up this morning? Anyone heard of any spyware/malaware stuff using this icon for phishing etc??

 

Am I CLEAN???????????????????? :unsure::unsure:

 

L&P

 

a worried BD :ph34r::ph34r:

Share this post


Link to post
Share on other sites
Thanks Lufty for responding to my email.......I left sensory questionnaire and bedlam broke out, got access denied.....and thought I'd done "something" to crash the site....was worried for hours.......thinking oh no, I've been banned......... :(

 

 

So it was YOU who broke our website was it???? Off you go to the naughty chair!!! :lol::lol::lol:

 

seriously, hope the virus missed you....

 

L&P

 

BD

Share this post


Link to post
Share on other sites

As Elefan has pointed out, the credit for this one is all down to Lufty as my laptop was out of action due to the virus and I was desperately trying to fix it before jumping on a plane this morning (currently in sunny Vienna)

 

Thanks Lufty.

 

Kris

Share this post


Link to post
Share on other sites

Help!!!

 

 

Trojan horse downloader agent 13Al & Exploit CVE-2005-1790 are both in the VIRUS vault.

 

What now, should we empty the vault????????? :wacko::tearful:

 

Scary things computers. :(

 

Nellie xx

Share this post


Link to post
Share on other sites

Kris,

 

I did notice you were last on line in the middle of the night and assumed you had been up all night working on the forum. No laptop, brilliant excuse. :lol:

 

You just had to mention you are in sunny Vienna! :(

 

Nellie xx

Share this post


Link to post
Share on other sites
Help!!!

Trojan horse downloader agent 13Al & Exploit CVE-2005-1790 are both in the VIRUS vault.

 

What now, should we empty the vault????????? :wacko::tearful:

 

Scary things computers. :(

 

Nellie xx

 

Hi Nellie

 

Yes empty the vault which is like deleting the virus infected files from a quarantine folder.

 

Kind regards

 

 

 

Lufty

Share this post


Link to post
Share on other sites
a TECHIE question...

 

I'm probably just paranoid, but being a bear of very little brain when it comes to the whole buggy/internetty thing...

 

When I came online AFTER clearing the horrid little virussy things from my pc (?), the little yellow 'shield' logo appeared in my tray saying updates are ready for your computer... it APPEARS to be the genuine Microsoft update, and APPEARS to be pointing to a genuine update of the XP verification wotsit, but the timing makes me nervous

 

I've been to the update site directly (not through the tray icon) and the verification thingy IS listed as a valid update for my system - but i don't want the ###### thing on principal!

 

Anyone else get this icon pop up this morning? Anyone heard of any spyware/malaware stuff using this icon for phishing etc??

 

Am I CLEAN???????????????????? :unsure::unsure:

 

L&P

 

a worried BD :ph34r::ph34r:

 

Hi Baddad

 

This update came out a couple of days ago and is safe to download. There have been many attempts at simulating the Windows Update Software so you did exactly the right thing and ran it from the Windows Update site.

 

Regards

 

 

Lufty

Share this post


Link to post
Share on other sites
Thank you Lufty.

 

Nellie xx

 

Hi Nellie

 

Just to add you can generally configure antivirus software to either delete or "Quarantine" a virus or trojan infected file.

 

When you "Quarantine" the file it puts it in a special directory so you can not run the infected file by accident.

 

Kind regards

 

 

 

Lufty

Share this post


Link to post
Share on other sites
When I came online AFTER clearing the horrid little virussy things from my pc (?), the little yellow 'shield' logo appeared in my tray saying updates are ready for your computer... it APPEARS to be the genuine Microsoft update, and APPEARS to be pointing to a genuine update of the XP verification wotsit, but the timing makes me nervous

 

 

:unsure: Yup, me too. Just as everything was going pear shaped.... :unsure: I clicked 'Cancel', turned off 'puter and ran and hid under the sofa...... Not very brave.. :unsure::P

 

Should i go through my anti-virus software?? What am i supposed to check??? 'Puter's fine now - i think :unsure:

 

You lot have got me worried! :wacko::tearful:

Share this post


Link to post
Share on other sites
Hi Baddad

 

This update came out a couple of days ago and is safe to download. There have been many attempts at simulating the Windows Update Software so you did exactly the right thing and ran it from the Windows Update site.

 

Regards

Lufty

 

 

Hi lufty...

 

I haven't downloaded it, 'cos i sort of object to 'Big Bill's' validation system even though my o/s is pukka...

I tried 'declining' the update, but it still leaves the shield icon in the tray... I guess i could disable 'auto update' and check manually from time to time, but i DO want to get OTHER updates when they come out - especially the security ones :lol::lol:

 

Anyway of telling the icon 'look. I'd rather not have THIS update but go away now and come back if any more new ones appear?'

 

You can tell, I'd be great at writing computer code, huh?? :lol:

 

BD

Share this post


Link to post
Share on other sites

That was horrible!!!

 

I infected ALL 3 of our pc's because I foolishly ran from one to the other to see if it was just mine :blink:

 

Why the heck do people do these things? Are they pschopaths? What pathetic little lives they must live if they have to get their kicks from doing stuff like that.

 

Glad it's all over!!

 

Lauren

Share this post


Link to post
Share on other sites

Hi

 

I also noticed something strange last night when i logged in........... In the user names there was one in bold red - no name but just a serious of x's. I have never seen this before..............

 

Usually, the moderators have a user name.

 

Don't know if it is anything or not but just thought I' d say.

 

Forbsay

Share this post


Link to post
Share on other sites

It could be the government using the services of a foreign hacker desperate for a bit of hard cash. A certain political site was hacked from China and the owners of the site are convinced that either the British government or the EU were behind it all.

Share this post


Link to post
Share on other sites

you lot are super-heroes :notworthy: ..........LUFTY.............THE KING :D ............you mentioned to let you know of anything strange on the forum.........what exactly???.............ALSO...........I did,nt have any problem logging on or with the puter...........is this o.k. :huh: ............I,m a complete idiot when it comes to techie stuff :blink:

Share this post


Link to post
Share on other sites

I also noticed the series of red crosses??? How would I know if I've got a virus????? Where do I look????? I just about know how to turn computer on and email :unsure:

 

PS Can I come off the naughty step now please???? :pray::lol::lol::lol:

Share this post


Link to post
Share on other sites
you lot are super-heroes :notworthy: ..........LUFTY.............THE KING :D ............you mentioned to let you know of anything strange on the forum.........what exactly???.............ALSO...........I did,nt have any problem logging on or with the puter...........is this o.k. :huh: ............I,m a complete idiot when it comes to techie stuff :blink:

 

Hi Suze

 

I am glad you could log on successfully to the site with your computer.

 

A good example of something strange would be an admin (name in red) other than Kris, Elefan or Lufty for example as was noticed last night by another member.

 

An strange error message when accessing the site would be another example.

 

Kind regards

 

 

 

Lufty

Share this post


Link to post
Share on other sites

I noticed the red crossess and was about to ask what they were when all the virus alerts started popping up.

 

Lauren

Share this post


Link to post
Share on other sites

I also got infected with the Trojan bug. My anti virus programme suddenly flashed a warning that there was a Trojan in a file and I was able to destroy ( = delete) it on time. A complete virus scan was required too and now things look OK in my puter.

 

Glad that you have sorted it out! :clap::clap::clap:

 

Curra

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...