You must be logged in to post messages.
Please login or register

HeavenGames News
Moderated by Scipii, Alexastor, Lord_of_Hell

Hop to:    
loginhomeregisterhelprules
Welcome! You are not logged in. Please Login or Register.
20 replies
HeavenGames » Forums » HeavenGames News » The malware attack this morning
Bottom
Topic Subject: The malware attack this morning
Zen
Ghost
(id: Angel Zen)
posted 10-19-10 04:33 PM CT (US)   
This morning a bot, or a hacker, found a vulnerability in our phpMyAdmin installation and used it to redirect visitors to a malware infected site. Most modern browsers (Current versions of Firefox, Chrome, and Internet Explorer) have built-in protection against these things, as are systems with malware protection installed (anti-virus, MS defender, etc.). However, in the likelihood that your computer was infected by a virus or malware, please visit this page for tips on how to get it off your system.

We have removed all affected files on our server so that the redirect is disabled, and removed our phpMyAdmin installation.

We will be restoring from a backup from yesterday to ensure that no additional back doors were installed on the server. After the backup is restored we will implement additional measures to prevent a new installation of phpMyAdmin from being vulnerable to outside attack.
Zen
Author
Replies:
Peter Fallon
Mere Mortal
(id: Xzyiothe)
posted 10-20-10 01:11 AM CT (US)     1 / 20  
Thanks Zen! However there's been another reported instance of this here.
☭ Long live the Turk ☭
"Xzy is the worst parts of kman and legion combined, only with proper spelling so you know he's smart enough to act otherwise if he wasn't such an idiot." - theferret
"Xzy is like all of the terrible Guardian contributors rolled into one person. Proof that you can genetically engineer a humanoid abomination." - Fiindil
scragins
Heretic of December
posted 10-20-10 04:55 AM CT (US)     2 / 20  
Is there any chance you can tell us which files were infected or when this hack or what ever you want to call it was made?
Peter Fallon
Mere Mortal
(id: Xzyiothe)
posted 10-20-10 05:29 AM CT (US)     3 / 20  
As the thread name would suggest it was in the morning and Illinois is UTC-6.

By 'files' these are likely configuration files and different pages to redirect to the attack sites. It'd be useless time-victim-wise to repackage any of the zip archives in the download section if that's what you're worried about.
☭ Long live the Turk ☭
"Xzy is the worst parts of kman and legion combined, only with proper spelling so you know he's smart enough to act otherwise if he wasn't such an idiot." - theferret
"Xzy is like all of the terrible Guardian contributors rolled into one person. Proof that you can genetically engineer a humanoid abomination." - Fiindil
scragins
Heretic of December
posted 10-20-10 06:58 AM CT (US)     4 / 20  
Yes i do know it was in the morning but is there an exact time or more specific because the morning is 12 hours long but currently im assuming it 6-10 am
Zen
Ghost
(id: Angel Zen)
posted 10-20-10 12:45 PM CT (US)     5 / 20  
10am-noon EDT
Zen
Dr Grip
Mere Mortal
posted 10-20-10 02:02 PM CT (US)     6 / 20  
It seems AOMH doesn't work anymore, not even the forums. Is that normal?
This is the best signature ever!
manpeopledad
Mere Mortal
posted 10-20-10 05:09 PM CT (US)     7 / 20  
Yeah AoMH seems to not load at all. Hope this is fixed soon...
Zen
Ghost
(id: Angel Zen)
posted 10-20-10 05:51 PM CT (US)     8 / 20  
AoMH should be back up now.
Zen
Gadunz Fejj
Mere Mortal
(id: Fejj)
posted 10-20-10 06:32 PM CT (US)     9 / 20  
Not yet.
SuxHorses,Eggs,Lepers,Pigs,Elves,Retards
♫ A firm teenage kiwi folly
Most predictably weird 2010 AoMH
<div class="sig"><hr noshade width="25%" align="left" SIG>[img]http://www.omegaartworks.com/images/omega/thumbs/celtic-sword3[/img]
Espadachim
Mere Mortal
posted 10-20-10 06:33 PM CT (US)     10 / 20  
It is now.
Possidon
Slayer
posted 10-20-10 06:34 PM CT (US)     11 / 20  
I'm glad AOJH and AOEH are back up. Hope the others are fixed soon.
THE DYSTONIAN CHRONICLES

Wrath of the Traibs | Alba gu Brath | Across the Sea | Possidon's Eye-Candy Expansion
MY BLACKSMITH LIBRARY
Thompsoncs
Mere Mortal
posted 10-21-10 02:06 AM CT (US)     12 / 20  
I'm glad it wasn't my owm computer. So everything is fixed now? BTW, if it's still asking, DON'T use that scan you were redirected too. It will show that you have near 1000 virusses and will probably ask you to install that scan on your computer which will damage or even destroy your computer.
scragins
Heretic of December
posted 10-21-10 06:04 AM CT (US)     13 / 20  
Just a question will you know you've gotten the viruses like will you have just downloaded them or will it take you to the site and then you download them?
Thompsoncs
Mere Mortal
posted 10-21-10 06:15 AM CT (US)     14 / 20  
I don't know, but I recommend all people to do a full scan with an up to date virus scan, bacause my norton antivirus did found a security danger on my computer AFTER I've seen the message.
Maffia
AoE3H Seraph
(id: fred_ernie)
posted 10-21-10 05:57 PM CT (US)     15 / 20  
Anyone concerned should run a scan with a fully up to date scanner, I recommend AVG free (Google should be able to help you find it) there are other free virus scanners available.
This month I have mostly been playing Zelda Breath of the Wild
Steam - Maffia GFWL - Maffia01 YouTube - HGMaffia Twitter - @HGMaffia
Age of Empires 3 Heaven Seraph

What is this life if, full of care, We have no time to stand and stare.
[This message hasn't been edited by fred_ernie (or Maffia) (not edited 12-29-2005 @ 09:57 AM).]
scragins
Heretic of December
posted 10-22-10 04:40 AM CT (US)     16 / 20  
Well then in that case anyone know a good virus scanner for MAC
Peter Fallon
Mere Mortal
(id: Xzyiothe)
posted 10-22-10 05:10 AM CT (US)     17 / 20  
Macs don't get windows viruses. Google some anti-spyware stuff for any other nasties that could have been on the site. The fake virus scanner in particular targets windows users exclusively.
☭ Long live the Turk ☭
"Xzy is the worst parts of kman and legion combined, only with proper spelling so you know he's smart enough to act otherwise if he wasn't such an idiot." - theferret
"Xzy is like all of the terrible Guardian contributors rolled into one person. Proof that you can genetically engineer a humanoid abomination." - Fiindil
EnemyofJupitor
HG Alumnus Superbus
posted 10-22-10 06:10 AM CT (US)     18 / 20  
Might I also suggest Malwarebytes anti-malware? It's a fantastic little free program
And I shall go Softly into the Night Taking my Dreams As will You
Waffentraeger
Mere Mortal
(id: Daelon)
posted 10-23-10 08:10 PM CT (US)     19 / 20  
My laptop that i'm currently using was hit like a freight train by this shit earlier yesterday morning. AVG took it out, detected it as a trojan.
PCDania
Mere Mortal
(id: PCD)
posted 10-24-10 06:15 AM CT (US)     20 / 20  
Antivirus programs for MAC OS X:

Trend Micro (MAC OS X 10.4, 10.5, 10.6) and Kaspersky Mac OS X 10.4.11 or higher.
"Cats are the only animals that are both uber, pwns and 1337 at the same time." -King Euric
By reading this fine print your soul is now the exclusive property of HeavenGames.
HeavenGames » Forums » HeavenGames News » The malware attack this morning
Top
You must be logged in to post messages.
Please login or register
Hop to:    
HeavenGames

Copyright © 1997–2024 HeavenGames LLC. All rights reserved.
v2.5.0