Welcome Guest ( Log In | Register )

 Forum Rules 
> Hacked :(
post Feb 17 2011, 04:08 PM
Post #1

'Trouble Down Pit' now online!

Group: Admin
Posts: 10,206
Joined: 22-February 03
From: Southern UK
Member No.: 1
Gender: Male

So, this site (and every other site that I host) was hacked in the past twelve hours. It might be a good idea to run a virus check on your machine.

Sorry about this - my site became hosted by a new company about six months ago and there seem to be a lot more breaches since this new company took over.

The telltale sign of a hack is often a tiny square, just a few pixels wide and tall, usually at the very top or the very bottom of the screen. If you see one of these then please let me know immediately.

Trouble Down Pit: Still updated every Monday and Friday
The Matazone Games blog
The Matazone Shop The Matazone Blog
The Matazone Corset Shop: Snobz corsets at 10% off their recommended price!
Go to the top of the page
+Quote Post
Start new topic
post Feb 19 2011, 01:21 AM
Post #2

Transdimensional Traveler

Group: Established Members
Posts: 1,322
Joined: 20-August 04
From: Somewhere in the Ęther
Member No.: 1,244
Gender: Secret

I would suggest you look into changing ALL your site passwords with very strong ones (14+ characters including upper and lower case, numbers, and symbols). And I would update every bit of software on the server. After that, it would seem that it is a server issue and then you would have to move to a different host. If you want help with this, let me know.

It is by caffeine alone I set my mind in motion,
It is by the beans of Java that thoughts acquire speed,
The hands acquire shaking, the shaking becomes a warning,
It is by caffeine alone I set my mind in motion.

Jack of all trades, master of none,
though offtimes better than master of one.

Carpe Noctem, pro cras nos necemus
Carpe Diem, pro hodie nos mutiamo

Go to the top of the page
+Quote Post
post Feb 19 2011, 10:10 PM
Post #3


Group: Established Members
Posts: 10
Joined: 8-January 11
Member No.: 16,804
Gender: Secret

QUOTE (moooooooooooooooooooooooooop @ Feb 18 2011, 12:39 AM) *
QUOTE (MataTeachesMeLudology @ Feb 17 2011, 09:54 PM) *
Fun-fact: Computers can't get viruses from websites unless you download something like an executable, or batch file (exe or bat).

The message you probably received was the one that said that the website you are visiting is unsafe. This could basically mean the site would provide child pornography, viruses, or offer other stuff that can be regarded as unsafe.

This is why it has been reported.

This is how you fix this. Read some stuff about it.

Worst-case scenario: Someone actually hacked your site and puts scripts on it for advertisement purposes. In this case you should deny ALL downloads coming from this website, close pop-ups and press cancel to everything it offers you. Don't use anything that requires input, which unfortunately includes the donate button (You would possibly donate to a random person in Nigeria all of the sudden). Mata, I suggest that you check if everything still links to where you want it to link, and possibly, get someone that does the technical stuff on this website for you.

Even if it can't download executables and run them (though I'm sure there are problems in older browsers that would allow that) they've clearly injected data into the page and from there it's a trivial step to scripting vulnerabilities that could give access to someone's MZ password and email, and from there access to their email if they've not been careful and used the same password for both. That's pretty bad.

My points is, it's best not to be complacent about security. Being condescending to people for worrying about such things is just going to discourage them from sensible computer security habits. It's a lot less harmful to just let them run the virus scan!
Up-to-date browser USUALLY (as in, almost always, but there are small exceptions) does not allow applications to be stored on your computer under any circumstance without properly notifying the user about this. Next to that, the latest versions of Windows automatically detect whenever an application that is downloaded from the internet or is coming from a questionable source and notifies the user whenever that application is trying to run. This means basically that the user can deny the launch of any unwanted applications as well.

Java could do stuff to your computer, but you're properly notified of the fact that it's trying to do that by the Java application itself. Exploits could still happen, but is rather unlikely.

My point is, you're pretty safe as long as you know what you're doing. I've been running without a virus-scanner for quite some time now and I am doing fine, because I know what I can download and what not. But, as long as you're unsure about what to download, keep your virus-scanner on.

And next to that, injecting data into a page is useless, as it's stored on your own computer. You'd be doing nothing at all. You'd have to send something to the server.
QUOTE (SPEAKERfortheLOST @ Feb 19 2011, 02:21 AM) *
I would suggest you look into changing ALL your site passwords with very strong ones (14+ characters including upper and lower case, numbers, and symbols). And I would update every bit of software on the server. After that, it would seem that it is a server issue and then you would have to move to a different host. If you want help with this, let me know.
I'd only do this if Mata keeps your passwords stored without an hash. Which, by standards, he'll probably do. (I don't see him changing the source code of IPS, no offence)
Go to the top of the page
+Quote Post

Posts in this topic
- Mata   Hacked :(   Feb 17 2011, 04:08 PM
- - CheeseMoose   I did wonder why AVG went mental at me when I trie...   Feb 17 2011, 04:11 PM
- - Hobbits   AVG shouted at me at home, and at work today, when...   Feb 17 2011, 04:53 PM
- - moooooooooooooooooooooooooop   Google Chrome gave me a full screen warning about ...   Feb 17 2011, 05:31 PM
- - CheeseMoose   Just came on with Chrome and it's still warnin...   Feb 17 2011, 05:49 PM
|- - Hobbits   QUOTE (CheeseMoose @ Feb 17 2011, 05:49 P...   Feb 17 2011, 06:16 PM
- - moooooooooooooooooooooooooop   QUOTE (Hobbits @ Feb 17 2011, 06:16 PM) Q...   Feb 17 2011, 06:23 PM
- - Mata   I've just registered the site in Google's ...   Feb 17 2011, 06:44 PM
- - SPEAKERfortheLOST   And this is why I use Linux. I don't have to ...   Feb 17 2011, 09:24 PM
|- - MataTeachesMeLudology   Fun-fact: Computers can't get viruses from web...   Feb 17 2011, 09:54 PM
- - Pikasyuu   QUOTE (SPEAKERfortheLOST @ Feb 17 2011, 01...   Feb 17 2011, 11:22 PM
- - moooooooooooooooooooooooooop   QUOTE (MataTeachesMeLudology @ Feb 17 2011, 0...   Feb 17 2011, 11:39 PM
- - CrazyFooIAintGettinOnNoPlane   QUOTE (SPEAKERfortheLOST @ Feb 17 2011, 09...   Feb 18 2011, 08:50 AM
- - Mata   And now my sites have been attacked again. The bas...   Feb 18 2011, 09:01 AM
- - Sharazad   <3 for my avast! doing a virus scan and a b...   Feb 18 2011, 11:34 AM
- - Mata   We have McAfee on the university computers... Gues...   Feb 18 2011, 12:02 PM
|- - Sharazad   QUOTE (Mata @ Feb 18 2011, 01:02 PM) We h...   Feb 18 2011, 12:27 PM
- - Mata   It took about six hours, but I'm pretty sure I...   Feb 18 2011, 10:08 PM
|- - Hobbits   QUOTE (Mata @ Feb 18 2011, 10:08 PM) It t...   Feb 18 2011, 11:31 PM
- - SPEAKERfortheLOST   I would suggest you look into changing ALL your si...   Feb 19 2011, 01:21 AM
|- - MataTeachesMeLudology   QUOTE (moooooooooooooooooooooooooop @ Feb 18 ...   Feb 19 2011, 10:10 PM
- - moooooooooooooooooooooooooop   QUOTE (MataTeachesMeLudology @ Feb 19 2011, 1...   Feb 19 2011, 11:03 PM
- - Mata   MTML - Moop is a pretty hardcore coder and has bee...   Feb 20 2011, 10:14 AM
- - CrazyFooIAintGettinOnNoPlane   I'd like to add that Speaker's advice shou...   Feb 20 2011, 12:12 PM
- - SPEAKERfortheLOST   Thanks for agreeing. Working as the network admin...   Feb 20 2011, 01:27 PM
|- - MataTeachesMeLudology   QUOTE (moooooooooooooooooooooooooop @ Feb 20 ...   Feb 20 2011, 02:15 PM
|- - Polynomial   I happened upon this thread whilst lurking and dec...   Feb 20 2011, 05:48 PM
- - Mata   All of these things are lovely in theory, but when...   Feb 20 2011, 06:35 PM
|- - TigerLily013   QUOTE (Mata @ Feb 20 2011, 02:35 PM) All ...   Feb 24 2011, 04:58 AM
|- - Sharazad   QUOTE (TigerLily013 @ Feb 24 2011, 05:58 ...   Feb 24 2011, 05:24 AM
|- - CrazyFooIAintGettinOnNoPlane   QUOTE (TigerLily013 @ Feb 24 2011, 04:58 ...   Feb 24 2011, 09:46 PM
- - Mr Fuzzy   OK, I've cracked, and will wade in with my two...   Feb 28 2011, 01:58 AM

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:


Lo-Fi Version Time is now: 24th October 2017 - 07:56 AM
Use these links if you're going to shop at Amazon and a percentage of what you spend goes towards helping this site!