An exploit in our software was taken advantage of by some hackers who linked to a malicious site. It appears there was a little over 4 hours between the time it happened and the time we took the servers offline Thursday.
In an effort to minimize damage to the board we opted to shut everything down while we investigated the issue and formulated a game plan. Our team (server admins, programmers, and software vendors) coordinated and developed a plan to remove the malicious files and secure the servers. We believe that forum members should not have any system issues associated with this so long they didn't visit the malicious site AND install anything.
While the service interruption was unfortunate, it was important to us to make sure this issue was fully addressed before returning to business as usual. Protecting our community from this kind of intrusion is paramount and we'll post more info here as it becomes available. It's possible that we may need to continue tweak the forum setup and if so, we may have another service interruption.
We thank you for understanding
__________________ 77 Argosy Minuet, 6 metre | 77 Argosy 24, Rear door AIR # 3181 | WBCCI # 5575
Congratulations on your quick response in dealing with this problem. Tried to log on earlier this evening and got your message on the alternate page of what had happened. We're glad you caught it in time before further problems were created. Thanks.
and i found this quote on another forum related to the issue yesterday...
""One of the most popular plugins that tons of forums run (VBSEO) has been compromised, and many forums will be having errors about google, such as "Visiting This Site May Harm Your Computer". It's caused by VBSEO.
Disable, then update VBSEO. Then if you're a webmaster, go into your Vbulletin templates and remove any code about it from the HEADER part of your template, on ALL styles. Search your templates for "google".""
cheers
2air'
__________________ all of the true things that i am about to tell you are shameless lies. l.b.johnson
we are here on earth to fart around. don't let anybody tell you any different. k.v.
Thanks for acting quickly. This stuff goes on all the time across the internet
My knowledge of this stuff is purposely minimal. but I think a malicious site would be one that downloads a program or application on your computer to get personal and/or financial info and exploit it. It enables them to take over your computer remotely. It is similar in intent to those phony e-mails that claim your bank needs to update your personal info. Very few people take the bait on those e-mails,k but the cost to the bad guy is so low, it's a money maker. I think a malicious site would be more technically complicated and more of a challenge for the bad guy techie, but could pay off pretty well because you may not know it's happening. Another kind use if they can take oivere your computer is to link many computers to send spam using your address book, or to spread the malicious program thru using your address book. Some bad guys use this to spread just do it for their version of fun to take down websites, screw up computers and cause general havoc.
Quick Links
Say no to Lawrence Welk attitudes
Linear Mode
