Jump to content
Join the Unexplained Mysteries community today! It's free and setting up an account only takes a moment.
- Sign In or Create Account -
Saru

Important: Malicious e-mails

44 posts in this topic

Recommended Posts

Nighteyes

Thanks I read this before checking my mail, and guess what. There was an email I deleted it right away. Thank you so much, I need my computer for 3 projects. Thank You. :D

Share this post


Link to post
Share on other sites
 
Boltwave

This evening someone succeeded in exploiting a security vulnerability in the Invision Board software and was able to gain access to the UM administration section. They proceeded to send out a number of malicious e-mails to some of our members containing a virus. They also made a virus popup appear on the forum.

If you have received a strange e-mail containing a lot of garbage and a weird link that appears to have come from this web site - delete it immediately.

The security hole has been plugged now thankfully, I must emphasise my loathing for the type of individuals who get their pleasures from doing this kind of thing

We apologise sincerely for any problems this issue may have caused, and very much hope that it will not discourage you from participating on the site again in future.

That's why I was getting virus notices earlier today! Now it makes sense, I was wondering why my internet was being all funny after visiting here from occasion to occasion.

Great job SaRuMaN, hopefully you found the guy(s) who did this, it almost put an infected virus on my computer, HOPE YOUR HAPPY JACKASSES! :angry2:

Furthermore, if you took care of the problem or were able to find the source of it then I wouldn't expect too many problems, my advice about this whole ordeal is to get some elight personnel or some technical backup to watch over your forum from time to time, perhaps contact any vital support, or the Invision Power Board forum.

Another thing you might want to consider are some security installments, right now at the point I'm not the biggest techy when it comes to websites, I'm okay with management, but I'm too all about HTML, guess I have stuff to work on myself. :D

I'd say to prevent this from happening again, just install mods of some type, security bots, if this forum provides them, or if there installable (I would imagine they are with the extensions to an IPB board), at least, I'd want to make sure it doesn't happen again for the most part of the greater concern.

Share this post


Link to post
Share on other sites
Saru
at least, I'd want to make sure it doesn't happen again for the most part of the greater concern.

I will be making some changes to implement additional security features to try and prevent this from happening again. Although the security hole in Invision Board which allowed this user access has been patched, you never know when another will surface.

Share this post


Link to post
Share on other sites
Reincarnated

i have a question for the people who got infected; what browser were you using at that time? i wonder if it could have been avoided by using firefox. for anyone still using IE i suggest to switch anyways, its more secure. and how exactly did it infect your computers? though the browser and through email?

Edited by Reincarnated

Share this post


Link to post
Share on other sites
Paranoid Android

I don't know if this is related to the email, but I sent a PM to one of our members - tyleriscool. He hasn't received it yet, and I checked my message tracker and it says it's now been posted to R3LOAD. I'm guessing the problem was either to do with the hacking, or tyleriscool has had his username changed......

That aside, seriously Saruman, no need to apologise for the problem. These things happen on the web these days. It's sad that people feel the need to destroy other people's work for no reason, but it's not your fault, no system is hack-proof, and it's the hacker's job to get around it, after all.

Thanks for the quick response time, plugging the gap, fixing it all up.

Regards, PA

Share this post


Link to post
Share on other sites
Saru
I don't know if this is related to the email, but I sent a PM to one of our members - tyleriscool. He hasn't received it yet, and I checked my message tracker and it says it's now been posted to R3LOAD.

He did actually request a name change, so he's nothing to do with it.

i wonder if it could have been avoided by using firefox.

I had to use Firefox to access the forum to disable the malicious script as Internet Explorer kept crashing. I don't think the code that was embedded on the forum actually had any effect on Firefox.

Share this post


Link to post
Share on other sites
=Jak=

GR8.. :tu:

Share this post


Link to post
Share on other sites
Paranoid Android

He did actually request a name change, so he's nothing to do with it.

Ah, thanks.

Share this post


Link to post
Share on other sites
Lottie

SaRu, You were incredibly quick at sorting this out. From now on I am calling you Super'S' :D

Thankyou for your hard work and quick response and its not your fault so don't worry.

((((Big Hugs))))

Share this post


Link to post
Share on other sites
GreyWeather

I use firefox, so would I still be infected? or am i safe?

EDIT

forget that, Saru already mentioned something on it 3 posts up >_<

Edited by Leliel

Share this post


Link to post
Share on other sites
Lottie

I don't think its anything to do with the browser you use. The virus could effect anyone who doesn't have the appropriate security and anti-virus features on windows.

Edited by Lottie

Share this post


Link to post
Share on other sites
GreyWeather

I don't think its anything to do with the browser you use. The virus could effect anyone who doesn't have the appropriate security and anti-virus features on windows.

aye, but Firefox is better protected than IE. you get less spyware, viruses ect than if you were to use IE.

Share this post


Link to post
Share on other sites
 
Saru

It's not that Firefox is better protected, it's that most viruses etc. are designed to work with IE, since most people use it.

Share this post


Link to post
Share on other sites
DR. YO

i have a question for the people who got infected; what browser were you using at that time? i wonder if it could have been avoided by using firefox. for anyone still using IE i suggest to switch anyways, its more secure. and how exactly did it infect your computers? though the browser and through email?

My cpu would freeze and the UM site would close, followed by a message from my virus scanner stating I had infected files.

This happened 5 times in 35 min. Each and every time I logged on the infected files would change, on one occasion I had 5 infected files and on another I had 18.

What concerns me the most is that I log on to UM when I’m at work. I was afraid the virus would spread throughout my entire office and spread via email.

All the computers here seem to be working properly, so far nobody has complained about an unsuspecting virus.

Thanks again SaRu. :tu:

*Bleap* those people who infected UM :angry2:

Share this post


Link to post
Share on other sites
epicstorm

Yea, i just found one of those in my inbox , to bad they dont have the brains to compose a more convincing mail .. :lol:

Please, take a part in our new cup.
Just register in the programm below:

Edited to remove malicious link- Dot

Edited by Daughter of the Nine Moons

Share this post


Link to post
Share on other sites
isis-999

I'm still getting a pop up window on here..I didn't know what the deal was until i read this..It happen once a few hour's ago...Do i need to run a virus scan or is the pop-up's safe..Just a pain to deal with.... :hmm:

Share this post


Link to post
Share on other sites
Saru

What section of the site do you see a popup, and whats on it ?

Share this post


Link to post
Share on other sites
Mr. Fahrenheit

I'm especially angry about this type of thing because I just got infected with spyware (luckily Raptor X7 helped me). I can see if you're a hacker in the way of modding a game to add a level and practice coding, but what kind of lowly urchin sits around creating traps for people's computers? Grr.

Share this post


Link to post
Share on other sites
Zeeshan - (Twisted!)

Thanks For Informing Saru....

U r the Best Admin!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.