Jump to content


Photo

Malware Problem Fixed


  • This topic is locked This topic is locked
168 replies to this topic

#1 Admin

Admin

    The FPN Admin Team

  • Admin

  • PipPipPipPipPipPipPip
  • 475 posts

Posted 11 June 2010 - 10:17

Dearest members of this little nut house on the digital prairie,

The FPN site was hacked. A significant effort to find and delete corrupted files was accomplished by midday Wednesday, and the site returned to service. Since then we have continued to work to restore the site, and to implement additional protections, and would not consider a return to public view until we are satisfied that it is both clean, and well protected.

Google identified it as an attack site by sensing that there was malware on the site on June, 8. We were trying to get their attention to assure them that we are restoring the site after cleaning it, but there was some difficulty in getting their attention. Unfortunately, once a site has been reported, one has to request a retest of the site by them, and that not only places us at their mercy re timing, but also on propagation of its safe status over the internet..

We found in the mean time that many reports we got were triggered by the big red box Google uses to alert people surfing the internet, and that this does not reflect the actual state of a web site. We were clear on June, 8, IOW only hours after the first report by a member, but you need to read the actual report in detail to find that the (only and) last report of malware by Google itself found place early on June 8!

Anyway, current status is that the site is malware free, and that the loopholes are closed.

According to Google:

**************************************************

Malware
Unfortunately, Google has discovered harmful code on your site. Google users will see a warning page when they attempt to visit pages within this site.

Status of the latest badware review for this site: A review for this site has finished. The site was found clean. The badware warnings from web search are being removed. Please note that it can take some time for this change to propagate.

After you have removed all harmful code from your site and addressed the underlying vulnerability that caused it to be compromised, you can request a review of your site.

Request a reviewSome of the infected pages are listed below. Google is providing these pages as a starting point in your investigation and clean-up process. Please also use StopBadware.org's Guide to Cleaning and Securing your Website to identify, address, and prevent any malware activity on your site. Important: Simply removing harmful code from individual pages is not enough to fix the problem; you must also ensure that you identify and address the underlying vulnerabilities that allowed your site to be contaminated.


**************************************************
Highlight in red, bold, italics by us.

IOW, back to our normal addiction of anything pen related :D.We're happy to be back, so let's enjoy !


Warmest regards, from
This account is unmanaged.
Please direct questions and comments to FPN Admin email, or directly to admin Wim (wimg).
 
Thank you very much in advance.
 
Warm regards,
The FPN Admin Team

#2 The Grim Sheaffer

The Grim Sheaffer

    The sound of one tine writing

  • Member - Gold

  • PipPipPipPipPipPip
  • 398 posts

Posted 11 June 2010 - 10:49

It was terrible missed you so much.

Glad you are back

#3 SamCapote

SamCapote

    Got Warm Milk?

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPip
  • 4,140 posts
  • Location:USA (CT)
  • Flag:

Posted 11 June 2010 - 10:53

This was completely freaking me out. I also ran my own Spybot Seek & Destroy, and also Spywareblaster which both came up clean on my machine. But I couldn't get my fix. I started getting the DT's, shaking, frothing at the mouth, messing on myself. Don't do this again. I ran out of clean underwear!

Edited by SamCapote, 11 June 2010 - 10:54.

With the new FPN rules, now I REALLY don't know what to put in my signature.

#4 Twoodi

Twoodi

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 527 posts
  • Location:Sydney, Australia
  • Flag:

Posted 11 June 2010 - 10:59

This was completely freaking me out. I also ran my own Spybot Seek & Destroy, and also Spywareblaster which both came up clean on my machine. But I couldn't get my fix. I started getting the DT's, shaking, frothing at the mouth, messing on myself. Don't do this again. I ran out of clean underwear!




Eeew - one can almost get a picture of this and man - it is very unpleasant!! Fortunately that is almost ;)

Great job to get this fixed - I missed you heaps as well!!
I'm in a constant state of cat-like readiness!!!
"What do we live for if not to make life less difficult for each other" George Elliot
Posted Image

#5 Pen Nut

Pen Nut

    "You open one safe door and another one closes"

  • Member - Gold & Supporter

  • PipPipPipPipPipPipPipPipPipPipPip
  • 5,267 posts
  • Location:Manchester UK
  • Flag:

Posted 11 June 2010 - 11:09

Thought we had gone for good for a while. Anyway all back to normal now.

My heart says English, my head says Japanese, my hand holds German (pens, cars or beer ?)

 

" I spend 95% of my income on pens..........the rest I just waste " 


#6 Jules

Jules

    Rare

  • Member - Gold

  • PipPipPipPipPip
  • 111 posts
  • Location:MI, USA

Posted 11 June 2010 - 11:26

Thanks for bringing FPN back! :D

#7 farseer911

farseer911

    Antique

  • Member - Gold

  • PipPipPipPipPipPipPipPipPip
  • 2,276 posts
  • Location:Pennsylvania USA
  • Flag:

Posted 11 June 2010 - 11:29

yeah!!!
A gentleman is one who puts more into the world than he takes out.

Posted ImagePosted Image

#8 mana

mana

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 427 posts

Posted 11 June 2010 - 11:35

Yay! I missed FPN... :)
...now is the only thing that is real...

"Design is how it works"
Steve Jobs

#9 Fuddlestack

Fuddlestack

    My head is naturally lumpy

  • Member - Gold

  • PipPipPipPipPipPipPipPip
  • 1,102 posts
  • Location:Alsace, France
  • Flag:

Posted 11 June 2010 - 11:38

Glad we're back, and thanks for your efforts. This happened to my own site last year, and it was just as frustrating getting Google to acknowledge the clean-up. Still, their turnaround time isn't as slow as that of some ISP's email blacklisting engines, where an innocent address can be blocked for years.

The sphere, Cavor! We must find the sphere!


#10 PenTieRun

PenTieRun

    Antique

  • Member - Gold

  • PipPipPipPipPipPipPipPipPip
  • 1,639 posts
  • Location:SE Michigan, Upstate NY & NYC, SE Pennsylvania
  • Flag:

Posted 11 June 2010 - 11:46

Our long national nightmare is over, thank goodness!

#11 framebaer

framebaer

    Antique

  • Member - Gold

  • PipPipPipPipPipPipPipPipPip
  • 1,516 posts
  • Location:mostly Boston and Cape Cod.
  • Flag:

Posted 11 June 2010 - 11:53

The Malware corrupted a bunch of files on my Mac. Had to run the installation utility diagnostics to fix the problem. Suggest other Mac users do the same.

Edited by framebaer, 11 June 2010 - 11:54.

Sensitive Pen Restoration doesn't cost extra. Find me on Facebook at MONOMOY VINTAGE PEN

#12 jpl

jpl

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 393 posts

Posted 11 June 2010 - 11:54

I entered the site accepting the risk and no malware entered my PC.Did they really found malware code in the site or was just a false positive?

#13 dizzypen

dizzypen

    Swimming in a sea of Noodler's Navy!

  • Moderators

  • PipPipPipPipPipPipPipPipPipPip
  • 3,980 posts
  • Location:The South
  • Flag:

Posted 11 June 2010 - 11:57

YAY! I'm glad FPN is back!
Equal Opportunity Ink and Fountain Pen User.

My blog: The Dizzy Pen

#14 FooWriter

FooWriter

    Rarely Extreme

  • Member - Gold

  • PipPipPipPipPipPip
  • 314 posts
  • Location:DFW metromess, Texas, USA

Posted 11 June 2010 - 11:58

Thanks to the FPN Admin Team for all your efforts. I can only imagine how frustrating it is, having to not only deal with the technical issues, but the political hoops required to get the sites good name back, as well.
Posted Image

"A rock pile ceases to be a rock pile the moment a single man contemplates it, bearing within him the image of a cathedral." –Antoine de Saint Exupéry

#15 Izzy

Izzy

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 442 posts
  • Location:Sussex, UK
  • Flag:

Posted 11 June 2010 - 11:59

I was sweating, shaking uncontrollably and was about to go into therapy :P

Glad you fixed the problems and thanks for all your hard work.

Regards
Nigel
NIGEL
Exploding Ink Maestro

Pens: Caran d'Ache Leman Godron, Lamy Safari, Italix Parsons Essential
Posted Image

#16 Elaine

Elaine

    Mama Tiger

  • Admin Hon.

  • PipPipPipPipPipPipPipPipPipPipPip
  • 6,522 posts
  • Location:New Jersey, USA

Posted 11 June 2010 - 12:02

I entered the site accepting the risk and no malware entered my PC.Did they really found malware code in the site or was just a false positive?


The first instance on 6/8/10 was indeed an attack. The subsequent notices were due to Google requiring a bit of red tape in order to remove their warning.

#17 Will

Will

    Rear Admiral of the Blue

  • Member - Gold

  • PipPipPipPipPipPip
  • 259 posts
  • Location:London
  • Flag:

Posted 11 June 2010 - 12:07

Well done Elaine, and the rest of you. What a pain to have happened. Thank you for all the effort.

#18 Michael A

Michael A

    Rare

  • Member - Gold

  • PipPipPipPipPip
  • 123 posts
  • Location:Sweden
  • Flag:

Posted 11 June 2010 - 12:13

Thank you for getting the site up again. I almost got withdrawal symptoms and started to look for pen shop sites to get my daily "fix" of FPN info.

#19 Ernst Bitterman

Ernst Bitterman

    Nil Magnum Nisi Bonum

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPipPip
  • 6,979 posts
  • Location:The Flat Bit, Canada
  • Flag:

Posted 11 June 2010 - 12:24

The Malware corrupted a bunch of files on my Mac. Had to run the installation utility diagnostics to fix the problem. Suggest other Mac users do the same.


That seems like great advice.


...but I don't see that utility in my Utilities list. What other names might it lurk under?
Ravensmarch Pens & Books
It's mainly pens, just now....

Oh, good heavens. He's got a blog now, too.

#20 bitterwonder

bitterwonder

    Collectors Item

  • Member - Gold

  • PipPipPipPipPipPipPipPip
  • 960 posts

Posted 11 June 2010 - 12:24

Thank you for your quick and hard work to rectify this.

#21 Scrawler

Scrawler

    The pen is an extension of my mind

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPip
  • 4,513 posts
  • Location:A clearing in the forest, Canada
  • Flag:

Posted 11 June 2010 - 12:32

I entered the site accepting the risk and no malware entered my PC.Did they really found malware code in the site or was just a false positive?

It has broken my daughters machine and I have to take it to the shop today to see if they can restore it. She has been a PIA without a working machine.

#22 johniem

johniem

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 286 posts
  • Location:Missouri USA
  • Flag:

Posted 11 June 2010 - 12:39

Thanks, admin team. Perhaps an inadequate expression for your hard work, but certainly well deserved.
“If you believe yourself unfortunate because you have loved and lost, perish the thought. One who has loved truly, can never lose entirely.” ~Napoleon Hill

#23 Defacto

Defacto

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 428 posts
  • Location:Barneveld, NL
  • Flag:

Posted 11 June 2010 - 12:44

Thanks for all the efforts put into getting us back on track!

I love it when a plan comes together:thumbup:!
"I am what I am because of what I have been." (David McCallum)

Posted Image
Posted Image

#24 FrankB

FrankB

    Museum Piece

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPipPip
  • 7,225 posts

Posted 11 June 2010 - 12:55

Thanks for your efforts to get FPN back up and running - and safe. Very unfortunately, hackers are out there. Some are sociopaths, while some have criminal intent. I missed FPN for the couple of days it was down, but I understood the whole time that such things do and will happen. Let's all hope it doesn't happen again.

#25 WendyNC

WendyNC

    Donor Pen

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPip
  • 3,956 posts
  • Location:Mebane, North Carolina, USA

Posted 11 June 2010 - 13:01

Our long international nightmare is over, thank goodness!


Fixed it for ya! Glad we're back. Thanks to the admins et al. for dealing with it and keeping us up to date.
I came here for the pictures and stayed for the conversation.

#26 limesally

limesally

    Collectors Item

  • Member - Gold

  • PipPipPipPipPipPipPipPip
  • 1,386 posts
  • Location:southern Alberta, Canada
  • Flag:

Posted 11 June 2010 - 13:04

many thanks for your hard work and prompt response in fixing the problem! Bummer it took google a while to catch up. Still seems strange to me that hackers do what they do...for what? Seems so pointless.

#27 dcwaites

dcwaites

    DavidW

  • Member - Gold

  • PipPipPipPipPipPipPipPipPip
  • 2,940 posts
  • Location:Campbelltown, NSW, Oz
  • Flag:

Posted 11 June 2010 - 13:18

Many thanks from dow nunder (spelt as it is pronounced). I was starting to suffer from withdrawal symptoms...


Posted Image



#28 amble63

amble63

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 587 posts
  • Location:Canada
  • Flag:

Posted 11 June 2010 - 13:21

This was completely freaking me out. I also ran my own Spybot Seek & Destroy, and also Spywareblaster which both came up clean on my machine. But I couldn't get my fix. I started getting the DT's, shaking, frothing at the mouth, messing on myself. Don't do this again. I ran out of clean underwear!


+1 (except for the underwear problem)
Colour is its own reward - N. Finn

#29 SonyaSpiral

SonyaSpiral

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 278 posts

Posted 11 June 2010 - 13:25

I don't post much but I'm a lurker/stalker... do you know how disorienting it is for us peepers to ...well...PEEP when the windows are barricaded shut?!!! :crybaby:

Glad FPN is back! :cloud9:

Thank you so much for the hard work you devote to this site and for the effort to keep it running!

#30 watch_art

watch_art

    Pen Making Madness

  • Moderators

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 14,352 posts
  • Location:hot springs, arkansas, usa
  • Flag:

Posted 11 June 2010 - 13:26

obviously it wasn't just malware:
...what's all this mess at the bottom of each page?

Share this topic:

  • ../../../public/style_extra/sharelinks/twitter.png
  • ../../../public/style_extra/sharelinks/facebook.png
  • ../../../public/style_extra/sharelinks/digg.png
  • ../../../public/style_extra/sharelinks/buzz.png
  • ../../../public/style_extra/sharelinks/delicious.png
  • ../../../public/style_extra/sharelinks/reddit.png
  • ../../../public/style_extra/sharelinks/stumble.png
  • ../../../public/style_extra/sharelinks/email.png
  • ../../../public/style_extra/sharelinks/print.png
  • ../../../public/style_extra/sharelinks/download.png


fpn_1405136194__fpn_1404594699__sg_tag.j sigpic14481_1.gif vanness.jpg?t=1321916122