GWF Hacked - Warning!

Discussion in 'The Barracks' started by Paul Reed, Nov 1, 2006.

  1. Paul Reed

    Paul Reed Ubique

    The Great War Forum has been hacked; the hacker has cloned itself as admin, has put what look like virus related links up, and has emailed everyone in the forum, which means it has culled everyone's email. Expect junk... big style.

    I would keep clear of the site for the moment, as it looks as if it could be messy.

    Good reason for you to check all security issues Lee; I am very surprised Chris Baker has allowed this to happen.
     
  2. Wise1

    Wise1 There We Are Then

    Security as I always state on this site is paramount, that is evident since the day I have had it, after I bought it back from the first buyer and the 2nd.

    This site never goes without a patch, as does the server and so on. How many hacks have you seen on any of my sites whilst under my ownership? 2 in total over 3 years.

    Some you will never stop; others you should be ashamed you did not stop.

    Don't be so hard on Chris, big forums are prone to attackers' attention, it's life. It may be the hacker got access via the server which is not down to Chris.

    The occasional spam message can't be prevented if an actual person joins to post either.
     
  3. Paul Reed

    Paul Reed Ubique

    Hi Lee - this appears to be more than spamming. It appears to have corrupted code and has culled everyone's email address. I am not being hard on Chris, I am just surprised, that's all.
     
  4. Wise1

    Wise1 There We Are Then

    Appreciate that, unfortunately Chris also uses forum software that is not that great anymore, you will remember I moved from Invision to VBulletin some time ago, as have many in recent times.

    The email address cull is common too, and that will cause damage, the hacker will sell them all on. Personally I have changed the location of the email addresses here to a different part of the database and renamed it to something different to prevent it being found in the event something like this happens.

    Here is another example, I use dnforum.com quite a lot, very capable admin over there, in fact probably more capable than I am. The site was hacked by an Iranian who refused to restore normality until all threads on Iran were removed as he got offended about a particular thread!

    You just never know what's coming sometimes..
     
  5. MalcolmII

    MalcolmII Senior Member

    The GWF forum is ok.
    Chris has the following info on the site and it is unhelpful to say otherwise.
    Aye
    MalcolmII

    Those members who were active on the forum last night will know that we had the unpleasant experience of being the target of a very sophisticated hacker.

    By very good fortune, I was here myself when the attack happened and was able to counter some of it "live", as it were. Quite exciting, like cyber chess but where you would willingly kill your opponent. At one point I was locked out of the admin functions.

    I immediately contacted our hosts Invision, who I have to say were absolutely superb in response time, technical fixes and advice.

    The method of entry exploited a hitherto unknown chink in the defences (which is not just us, it is common to many such forums). This has now been corrected by Invision - until the next time these idiots find a way around.

    Your own passwords and email addresses have not been compromised. They are encrypted when you enter them and are not readable. Our hacker used a feature of the "back room" which I never do, namely to send a bulk email that went to many of our members. Ignore it - delete it - if you received one.

    One little nasty was that he/she injected a script that turned the letters "he" into a link to some website. These have now all - I think - been eradicated. If you find one, let me know. It is perhaps the first time that I am glad I always type "teh" wrongly!

    Thanks for your patience. Onwards and upwards.

    --------------------
    Chris Baker
     
  6. Paul Reed

    Paul Reed Ubique

    The GWF forum is ok.
    Chris has the following info on the site and it is unhelpful to say otherwise.
    Aye
    MalcolmII

    Malcolm - the above was of course written before Chris posted that information. It is not unhelpful to warn people of this; many here are members of both forums, and many people clicked on the link in the rogue email that went round, which took them to a site where it has been proved there were Spyware/Adware issues. So I think when it was posted the warning was timely.

    Next time I won't bother. :banghead:
     
  7. BulgarianSoldier

    BulgarianSoldier Senior Member

    I always hated stupid hackers. People who don't have what to do. People who are connected with the computers and they don't have a life. I call the hackers nolifes.
     
  8. Jim Clay

    Jim Clay Member

    Edited - no longer appropriate.
     
  9. Wise1

    Wise1 There We Are Then

    Your own passwords and email addresses have not been compromised. They are encrypted when you enter them and are not readable.


    Chris does a good job, no doubt about it, however that statement above is only part true. Email addys are not encrypted, passwords are.

    If the hacker wanted the email list he will have them.
     
  10. Wise1

    Wise1 There We Are Then

    A word of advice to all of you that use the GWF: I just read the thread on the GWF; if you opened the email, please run spy software. I will guarantee you you have been infected, I know this site and hacker that is doing it.

    You will have a cookie placement and small script that will send info from your pc of a personal nature.

    If you don't already have such software get this one and run it, it's free.

    VIRUS SOFTWARE WILL NOT DETECT THIS SCRIPT OR COOKIE

    http://www.lavasoftusa.com/software/adaware/

    Download the personal version.
     
  11. 52nd Airborne

    52nd Airborne Green Jacket Brat

    I ran my spyware after opening the dodgy email and it found TagASaurus. Is this the said hacker Lee?
     
  12. Wise1

    Wise1 There We Are Then

    Certainly is ;)
     
  13. Wise1

    Wise1 There We Are Then

  14. 52nd Airborne

    52nd Airborne Green Jacket Brat

    Thanks for confirming Lee.
     
  15. ourbill

    ourbill Senior Member

    Just as a matter of interest could you say which part of the world does our hacker live?
     
  16. Wise1

    Wise1 There We Are Then

    No idea.
     
  17. spidge

    spidge RAAF RESEARCHER

    I do not seem to be able to download the "free" version.

    Any clues?
     
  18. Wise1

    Wise1 There We Are Then

  19. spidge

    spidge RAAF RESEARCHER

    Hi Lee,

    This was my result:

    ArchiveData(auto-quarantine- 2006-11-05 00-05-54.bckp)
    Referencefile :
    ======================================================

    WIN32.ADVERTS.TROJANDOWNLOADER
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


    WINFIXER
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    obj[1]=Regkey : interface\
    obj[15]=File : C:\Program Files\Common Files\WinSoftware\FCrXML.dll


    WIN32.TROJAN.DOWNLOADER
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


    TRACKING COOKIE
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    BROADCASTPC
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
     
