potential hack warning for treehouse

[SteveBullman]

Hi guys,

My forum got hacked a few days ago, have finally managed to get it fixed. The hack involves a malicious code being inserted that redirects users to a different website. its not a virus as such so doesnt really cause any security issue for members computers, but it does do significant damage to incoming traffic. During my research it seems that a lot of forums are being attacked with this particular issue. it took 5 days for us to get this sorted but now i know how to do it its a pretty quick fix.

I've checked the treehouse out and its clean. Navigating directly to treehouse in your browser will work regardless......the hack kicks in if you type gypoclimber into google then click on the resulting listing....this will redirect you to a file2share website. I shall be testing arbtalk religiously over the next few weeks in case they return for a second bite of the cherry, and i recommend butch does the same on a daily basis, however i thought id post this here so you guys could perhaps help out and do the same from time to time.

these hackers really are clever bastards

 

[Newfie]

Sounds Greek to me Steve but sounds like you have it sorted. Thanks for the heads-up.

 

[squisher]

I thought there was gonna be some pics of some fracture pruning orrrrrr something?

 

[MasterBlaster]

We're running the latest, up-to-date virgin of this Vbulletin forum software. That should help.

 

[Al Smith]

Hi guys,

My forum got hacked a few days ago, have finally managed to get it fixed.
I've checked the treehouse out and its clean.

Well Steve truth be known you've had a lot of hacks for some reason .Pretty slick rascals I'll say that .It took my 'puter guy two visits the last one I picked up which is one reason I haven't visited in some time to be real truthfull . That praticular one prevented me from going to a known reset for recovery .

 

[rbtree]

An up to date virgin......cool....

 

[SteveBullman]

Well Steve truth be known you've had a lot of hacks for some reason .Pretty slick rascals I'll say that .It took my 'puter guy two visits the last one I picked up which is one reason I haven't visited in some time to be real truthfull . That praticular one prevented me from going to a known reset for recovery .

3 times to date al, and with the sites increasing popularity it was only get worse, with it being more of an attractive proposition to a hacker. only once of the 3 times it was hacked previously was there any security issue for members, and even then, only those not savvy enough to keep their anti virus up to date

 

[SteveBullman]

We're running the latest, up-to-date virgin of this Vbulletin forum software. That should help.

unfortunately it seems to be affecting all versions......vbulletin dont know how they're getting in either

 

[gf beranek]

Hackers should be hung. Their fun and games affect people far more seriously than they think.

 

[TreeDimensional]

Finger removal would be a great deterrent.

 

[MasterBlaster]

I don't understand why they do it.

 

[SteveBullman]

http://25yearsofprogramming.com/blog/2008/20080311.htm

 

[Al Smith]

Evidently from what my 'puter guru told me whatever the problem was he detected it through his own personal machine as he tried to figure out what it was .At that time it was undocumented so evidently it was a brand new virus type thing that somehow could get by the Windows firewall .

It stopped the auto updates and like I said made it nearly impossible to go to a date prior to the invasion .I think since that micro soft has figured it out .

Some times I can figure out how to fix the damned thing and some times I can't which is why I have this guy on call .

 

[MasterBlaster]

Excellent post, Steve. Al, I don't/never have had any problems with my computer.

 

[SkwerI]

IMO the biggest problem on a Windows machine is opening spam emails. The default setting in Outlook Express uses the 'preview' window which automatically opens the first email when you open the program. Turn off the preview window so you don't open the email until you double click on it, or delete it unopened. Almost every new virus you hear about is spread by malicious code embedded in emails.

 

[MasterBlaster]

I've never gotten a virus from an email.

 

[Al Smith]

Now don't take me wrong on this as I wasn't saying Steve did anything wrong at all .It just happens some how .

Once I clicked on "Milling Masters' and followed a link to what was supposed to be Bill Rakes site who sells plans for homebuilt bandsaws .Damned if I didn't get a porn site .Big surprise .

It's a game to a hacker as they don't have anything better to do .Sit around all day thinking of ways to screw with people .

A lot of times if you can detect the name of the virus and type and still have internet access you can "google " the fix .I've used my wifes machine to find fix for my own and vica versa .

It's when some newly fabricated one pops up that the problem arises .On my e-mails I can peek inside of hem without actually opening them so that's never been a problem .

 

[SteveBullman]

crikey....even the royal navy arent immune...what chance do i stand!!?

http://uk.news.yahoo.com/5/20101108/tuk-cyber-attack-royal-navy-website-hack-45dbed5.html

 

[MasterBlaster]

Do you allow new members to activate themselves? I don't. I check their IP first here and if they pass, then I'll check their location here.

 

[SteveBullman]

nope i vet everyone

 

[MasterBlaster]

And you don't think that's the root of your problems?

 

[Newfie]

Vetting is the process of checking out someone's background. How could that be the root of his problems?

 

[MasterBlaster]

I thought that was a typo.

 

[Newfie]

Got it.