NOTICE: Possible trojan on C&F

[missy]

Lambchop - that's exactly the warning I got with Symantec, too.

I just wiped out my temp file - since that's where it was trying to go.

[Dale]

It's all pretty odd. SOMETHING happened, for sure. The problem is that Rich, who knows phpbb thoroughly, can't find any evidence of any changed php files. So, there's nothing to fix. I wonder if whatever got hacked got un-hacked. I dunno.

So, you know,


I would recommend that we put the AE-35 unit back in operation and let it fail. It should then be a simple matter to track down the cause. We can certainly afford to be out of communication for the short time it will take to replace it.

Break

[peeplj]

I wonder if it came in inside one of the ad frames, or if C&F is big enough that it uses load balancing and only some of the servers were affected?

Asus.com also got hit via that second route.

http://isc.sans.org/diary.html?storyid=2582 might be worth reading.

--James

[missy]

Dale,Dale,Dale - c'mon - it was the Crystal People!!!!

[djm]

Open the pod bay doors, HAL.



djm

[Nanohedron]

Say, does anybody else find this change? Cursor over the email clicky no longer reveals the email address; clicking to email, my Outlook Express no longer applies to the process. Instead, I just get a page with a space for the subject line and a space on which to write text, and a "send" clicky.

As a mod, I sometimes have to judge spammers by the nature of their email addresses, so this is something of an inconvenience.

I wonder what else is up.

[Joseph E. Smith]

My guess, it is a privacy matter for the recipient.

[Nanohedron]

My guess, it is a privacy matter for the recipient.

It's a totally new thing, then. 'Twas never thus, before.

[Joseph E. Smith]

My guess, it is a privacy matter for the recipient.

It's a totally new thing, then. 'Tws never thus, before.

After yesterdays shut down, I am thinking so.

[izzarina]

I have a Mac (which I'm assuming means that I'm fine), but of course, me being ME, I'm feeling paranoia coming on (yikes! where is my tin foil hat??). Is there a way I can do a search to find out if it's in my system?

[Dale]

At this point, I'm convinced that some kind of trojan was picked up by some of us yesterday via the board. But, unfortunately, there's just no way of knowing, at least yet, where it came from. My understanding is that jpg files can now transmit trojans...and I kind of like the idea that it might have been a banner ad.

Weird stuff.

[burnsbyrne]

My Macafee virus scan gave me a trojan alert yesterday just after I opened C&F. It neutralized and destroyed the intruder and went on to check my entire hard drive. I am glad that Dale and the other moderators stay on top of things. It's good to know that C&F is safe
Mike

[Brian Lee]

Have been using Firefox exclusively for about three years now - didn't get so much as a peep on this thing, and the boards all loaded fine yesterday. Makes me glad I'd made the switch.

[rich]

Say, does anybody else find this change? Cursor over the email clicky no longer reveals the email address; clicking to email, my Outlook Express no longer applies to the process. Instead, I just get a page with a space for the subject line and a space on which to write text, and a "send" clicky.

The switch to disable display of email addresses is not only right below the switch to enable or disable the board, but is also labeled "enable" and "disable" while the board-disable switch is labeled "yes" and "no" -- AND setting the former to "enable" disables direct email. So my guess is that in all of the enabling and disabling of the board, either Dale or I hit the wrong switch once.

It should be back to normal (displaying email addresses) now.

-Rich

[TelegramSam]

Yay for Firefox! Yay for Ubuntu Linux!



I feel sorry for you poor suckers stuck with internet exploder and windblows.