chiffandfipple.com hacked

Board policies and official announcements about Chiff and Fipple and the forums. Please read!
User avatar
peeplj
Posts: 9029
Joined: Mon Jan 21, 2002 6:00 pm
Please enter the next number in sequence: 1
Location: forever in the old hills of Arkansas
Contact:

Re: chiffandfipple.com hacked

Post by peeplj »

I've hit the forums from multiple systems (one running Avast, one running Symantec's corporate antivirus system and firewall).

So far I've not seen any evidence that the forums are infected.

--James
http://www.flutesite.com

-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
User avatar
Dale
The Landlord
Posts: 10293
Joined: Wed May 16, 2001 6:00 pm
Please enter the next number in sequence: 1
Location: Chiff & Fipple's LearJet: DaleForce One
Contact:

Re: chiffandfipple.com hacked

Post by Dale »

Thank you, James. Most appreciated.
User avatar
s1m0n
Posts: 10069
Joined: Wed Oct 06, 2004 12:17 am
antispam: No
Please enter the next number in sequence: 10
Location: The Inside Passage

Re: chiffandfipple.com hacked

Post by s1m0n »

Nothing wrong from here, either; I'm logging in via Opera from a box running XP.
And now there was no doubt that the trees were really moving - moving in and out through one another as if in a complicated country dance. ('And I suppose,' thought Lucy, 'when trees dance, it must be a very, very country dance indeed.')

C.S. Lewis
User avatar
MTGuru
Posts: 18663
Joined: Sat Sep 30, 2006 12:45 pm
antispam: No
Please enter the next number in sequence: 8
Location: San Diego, CA

Re: chiffandfipple.com hacked

Post by MTGuru »

Dale wrote:MTGuru is a big help, but I don't think he's an expert on all of this either.
It's willful ignorance, don't you know. :wink:
Vivat diabolus in musica! MTGuru's (old) GG Clips / Blackbird Clips

Joel Barish: Is there any risk of brain damage?
Dr. Mierzwiak: Well, technically speaking, the procedure is brain damage.
User avatar
Denny
Posts: 24005
Joined: Mon Nov 17, 2003 11:29 am
antispam: No
Location: N of Seattle

Re: chiffandfipple.com hacked

Post by Denny »

as long as it's willful you'll just take longer ta figure it out :D
Jack
Posts: 15580
Joined: Sun Feb 09, 2003 6:00 pm
Please enter the next number in sequence: 1
Location: somewhere, over the rainbow, and Ergoville, USA

Re: chiffandfipple.com hacked

Post by Jack »

Doug_Tipple wrote:I tried to log on C & F yesterday, but every time I tried, my computer froze up. I had to do a control alt delete to back out. There was a screen from Norton security saying that there was an attempt to infect my computer, which, luckily, my security software was able to take care of each time. There were several security updates that came through the day before in the daytime, when my usual automatic security updates are in the early morning. The trojan horse or whatever was identified by name, but I didn't write it down. I read yesterday that there are growing instances of these types of malware attacks, and that an estimated one in ten computers in the USA (I believe) are presently affected, with sensitive personal data available to the hackers. The whole internet insecurity mess scares me.
That's what happened to me too but I thought it was just my computer. Guess not. :P
User avatar
peeplj
Posts: 9029
Joined: Mon Jan 21, 2002 6:00 pm
Please enter the next number in sequence: 1
Location: forever in the old hills of Arkansas
Contact:

Re: chiffandfipple.com hacked

Post by peeplj »

Guys, when you have a virus message or any error that looks like it may be virus or malware-related, always:

1. STOP what you are doing

2. write down the error

3. if you are using broadband, hit the "standby" button on top of the modem to go offline. If your PC has been compromised, this will prevent it from being remote controlled or used for anything nefarious.

Then you'll need to do a virus scan with whatever program you're using. Most will have an option for a quick scan, do that, and then run a full scan that night. If the quick scan is clean, you can go back online, but do a full scan that night just to be sure.

Here's the why: some viruses trash out the hard drive, but the data is sometimes recoverable, if you know what caused the damage.

Just offering a few pointers to try to help keep your online experiences positive.

--James
http://www.flutesite.com

-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
User avatar
Casey Burns
Posts: 1488
Joined: Sun Nov 16, 2003 12:27 pm
Please enter the next number in sequence: 1
Location: Kingston WA
Contact:

Re: chiffandfipple.com hacked

Post by Casey Burns »

Something is going around. This just happened to one of the more important alternative financial websites www.financialsense.com

Question - who is your hosting provider? GoDaddy? Google?

Casey
User avatar
Dale
The Landlord
Posts: 10293
Joined: Wed May 16, 2001 6:00 pm
Please enter the next number in sequence: 1
Location: Chiff & Fipple's LearJet: DaleForce One
Contact:

Re: chiffandfipple.com hacked

Post by Dale »

Casey Burns wrote:Something is going around. This just happened to one of the more important alternative financial websites http://www.financialsense.com

Question - who is your hosting provider? GoDaddy? Google?

Casey
Dreamhost

Rich is helping (Yay!) and is confident this board is not infected. It's on a private server.
User avatar
Doug_Tipple
Posts: 3829
Joined: Wed Mar 31, 2004 8:49 pm
antispam: No
Please enter the next number in sequence: 10
Location: Indianapolis, Indiana
Contact:

Re: chiffandfipple.com hacked

Post by Doug_Tipple »

It's good to know that C & F is not currently infected by a virus. However, since a number of hosting providers recently have been infected by a new trojan virus that embeds itself in the codes of the subscribing websites, it is not unreasonable to think that there is a good possibility that we might encounter this again, no matter where we happen to be on the internet.

Thanks to James for his helpful comments about how to deal with this from the point of view of the individual user. Let's see. I have to remember to wear my armor when I go into battle, or something like that. Right, James?
User avatar
peeplj
Posts: 9029
Joined: Mon Jan 21, 2002 6:00 pm
Please enter the next number in sequence: 1
Location: forever in the old hills of Arkansas
Contact:

Re: chiffandfipple.com hacked

Post by peeplj »

I have to remember to wear my armor when I go into battle, or something like that. Right, James?
:) That's pretty much the idea, yes.

At absolute minimum, using a Windows system, you should have a current antivirus package, and at least once a week update its definitions. Run a firewall--the Windows firewall in XP (at least SP2) or Vista is fine.

Much better is to have both antivirus and software firewall, and also have a hardware firewall offering stateful packet inspection (newer routers will already have this), and have an anti-malware package such as Windows Defender (mediocre-good) or Spybot Search and Destroy (much better). If you're going to be doing much web surfing at all, you really need these, especially the hardware firewall.

I want to mention the hardware firewall again as lots of folks don't understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It's not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide.

--James
http://www.flutesite.com

-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
Cork
Posts: 3128
Joined: Tue Jan 16, 2007 7:02 am
antispam: No

Re: chiffandfipple.com hacked

Post by Cork »

peeplj wrote:...I want to mention the hardware firewall again as lots of folks don't understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It's not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide...
James has it right, in terms of hardware firewall versus software firewall.

I've been using a (brand name) Netgear router, which also includes a hardware firewall.

Hardware firewall, way to go!
User avatar
Mitch
Posts: 1826
Joined: Tue Dec 20, 2005 6:58 pm
antispam: No
Please enter the next number in sequence: 8
Location: Wombatistan
Contact:

Re: chiffandfipple.com hacked

Post by Mitch »

Norton has this report:
-------------------------------

General Info
Web Site Location United States of America


Norton Safe Web has analyzed chiffandfipple.com for safety and security problems. Below is a sample of the threats that were found.
Threat Report
Total threats found: 12


Drive-By Downloads (what's this?)
Threats found: 12
Here is a sample:

Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-December2005/



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-January05/



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cfSeptember2005/



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-JUNE2004/index.htm



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\GZKDIZWD\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-MARCH2005/



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-december2004/



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-May2004/index.htm



Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/march2006/



Threat Name: Direct link to Suspicious.MH690
Location: http://www.chiffandfipple.com/webissues.html



Direct link to: http://www.chiffandfipple.com/whistlehaiku/
Location: http://www.chiffandfipple.com/
All the best!

mitch
http://www.ozwhistles.com
Cork
Posts: 3128
Joined: Tue Jan 16, 2007 7:02 am
antispam: No

Re: chiffandfipple.com hacked

Post by Cork »

BTW, I haven't had any trouble, lately, in getting to C&F.

c/o Mac OSX

:-)
User avatar
Doug_Tipple
Posts: 3829
Joined: Wed Mar 31, 2004 8:49 pm
antispam: No
Please enter the next number in sequence: 10
Location: Indianapolis, Indiana
Contact:

Re: chiffandfipple.com hacked

Post by Doug_Tipple »

peeplj wrote:
I have to remember to wear my armor when I go into battle, or something like that. Right, James?
:) That's pretty much the idea, yes.

At absolute minimum, using a Windows system, you should have a current antivirus package, and at least once a week update its definitions. Run a firewall--the Windows firewall in XP (at least SP2) or Vista is fine.

Much better is to have both antivirus and software firewall, and also have a hardware firewall offering stateful packet inspection (newer routers will already have this), and have an anti-malware package such as Windows Defender (mediocre-good) or Spybot Search and Destroy (much better). If you're going to be doing much web surfing at all, you really need these, especially the hardware firewall.

I want to mention the hardware firewall again as lots of folks don't understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It's not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide.

--James
I have a question, James, if you don't mind. I have a Belkin Wireless G router that I purchased about 18 months ago when my wife got her laptop. My desktop computer feeds out of the router, but it is a direct connection. I don't see anything on the packaging box about the presence of a firewall with the router, so I assume that there isn't one. My wife also complains about the downloads being really slow. She has Vista Home Basic OS using Windows IE. In order to speed up her downloads and provide the protection of a hard firewall, can you recommend a replacement router that is not too expensive but would fill our needs for greater security and increased speed?
Post Reply