Jump to content






FPN Quick Navigation




Photo

Malware Problem Fixed


  • This topic is locked This topic is locked
168 replies to this topic

#101 Pjake

Pjake

    Pjake

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 591 posts

Posted 11 June 2010 - 21:36

A thousand thanks for the quick response....now.... get your butts to the Gulf and fix the oil spill.....

It's nice to be back here in the comfortable confines!

Peter

#102 hbquikcomjamesl

hbquikcomjamesl

    Professional Dilettante

  • Member - Gold

  • PipPipPipPipPipPipPipPip
  • 813 posts
  • Flag:

Posted 11 June 2010 - 21:43

I didn't even know about the problem until evidently shortly before it was fixed (and after it had been taken down and replaced with a static placeholder page).

Out of morbid curiosity, when did this whole mess start?
--
James H. H. Lampert
Professional Dilettante


Posted Image was once a bottle of ink
Inky, Dinky, Thinky, Inky,
Blacky minky, Bottle of ink!
-- Edward Lear

#103 wimg

wimg

    Stip Etruria nut :)

  • FPN Admin

  • PipPipPipPipPipPipPipPipPipPipPipPipPip
  • 21,041 posts
  • Location:Maastricht, Netherlands, EU
  • Flag:

Posted 11 June 2010 - 21:44

Is it possible to get a specific account of the malware, e.g. its name, symptoms, and method of repair? I installed iAntiVirus on my MacBook, and it found nothing. I've had no problems.

But I'd like to make sure.

There is no repair options for this on a PC or Mac, as it is specifically targeted at systems running IP.Board software, i.e., our FPN Linux server. It does however function as a distribution channel for some 15 different PC viruses, maybe more, and a few Mac viruses, but I don't know which ones. We can't actually check that, as those are downloaded from to hacking servers and then uploaded to a connecting PC, bypassing all the regular controls.

However, none or those are brand new viruses, so if you use a virus scanner, it shoudl automatically pick up on those and isolate and/or quarantine them.

I am on a Macbook, running the latest version of Snow Leopard. I accessed FPN via Safari Tuesday morning some time before Google blocked the site. I don't know if it was before or during or after the malware attacks. My computer seemed fine, but I got worried when other Mac users posted here about being infected. So I downloaded and installed Virus Barrier X6, and ran a full scan today--nothing came up. I assume that my Macbook is clean.


I would think so.
This malware does not infect every computer that connects. It randomly did so, at random pages or views. Google mentioned that something like 28 pages it downloaded were infected, of over 200 it got, but if you check the site stats, it actually downloaded a few thousand pages. 28 of several thousand pages is certainly not all :D.

Warm regards, Wim

the Mad Dutchman
laugh a little, love a little, live a lot; laugh a lot, love a lot, live forever


#104 wimg

wimg

    Stip Etruria nut :)

  • FPN Admin

  • PipPipPipPipPipPipPipPipPipPipPipPipPip
  • 21,041 posts
  • Location:Maastricht, Netherlands, EU
  • Flag:

Posted 11 June 2010 - 21:46

I didn't even know about the problem until evidently shortly before it was fixed (and after it had been taken down and replaced with a static placeholder page).

Out of morbid curiosity, when did this whole mess start?

June 8, early morning EST.

A few hours later it was fixed, but Google didn't agree yet, leading to a lot of extra work (which wasn't removing malware) ...

Warm regards, Wim

the Mad Dutchman
laugh a little, love a little, live a lot; laugh a lot, love a lot, live forever


#105 silvabreen

silvabreen

    Rare

  • Member - Gold

  • PipPipPipPipPip
  • 194 posts
  • Location:Minnesota, USA
  • Flag:

Posted 11 June 2010 - 21:52

I am grateful for the work and passion of our administrators who keep us rolling!!!

Kudos, and thank you for keeping our community safe.
Montblanc / Pelikan / Sailor / Pilot / Lamy / Cross / Parker

#106 offbase

offbase

    Antique

  • Member - Gold

  • PipPipPipPipPipPipPipPipPip
  • 1,991 posts

Posted 11 June 2010 - 21:57

I got 14 separate infections the first time, and an additional 40+ when I accidently clicked on FPN from my browser hx. Thanks for all your hard work in cleaning this up, Admins.

#107 mateo44

mateo44

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 224 posts
  • Location:Southern California

Posted 11 June 2010 - 22:10

Thanks for doing the hard work required to get this back up and running.

#108 DAYoung

DAYoung

    philosopher/author

  • Member - Gold

  • PipPipPipPipPipPipPipPip
  • 1,373 posts
  • Location:Melbourne

Posted 11 June 2010 - 22:19

Thanks, Wim. I'll keep an eye on my Mac, but it looks healthy for now.

Good on you all for getting on top of it.
Damon Young
philosopher & author
OUT NOW: Philosophy in the Garden

Posted Image

#109 matt385

matt385

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 350 posts
  • Location:Cary, NC

Posted 11 June 2010 - 22:36

Thank you admins for fixing this. I was surprised how much I missed FPN!


Today, everyone is wondering who would do this. Next week we'll be complaining about fraudulent Montblancs on ebay!

Not the same guys but the same concept, some people steal or destroy. You have to lock your doors at night and you have to protect your computers. The difference is with the internet, people half way around the world (or next door) can invade your computer and take every thing you have on it.

Thank you again,
Matt
The key to life is how well you deal with Plan B.

#110 bluestar

bluestar

    Bluestar

  • Member - Gold

  • PipPipPipPip
  • 68 posts
  • Location:Sydney, Australia
  • Flag:

Posted 11 June 2010 - 22:37

Glad you are back.
My Norton log looks interesting!
Severe withdrawal symptoms.
Problems concentrating.
Blurry cvision.
All is now well.
Thanks for all the hard work to keep the Nuthouse fully operational.

#111 gkterry

gkterry

    Duine Ruadh

  • Member - Gold

  • PipPipPipPipPipPip
  • 317 posts
  • Location:Paris, IL
  • Flag:

Posted 11 June 2010 - 22:39

I understand & appreciate the great effort that was expended to fix this issue. Thank you very much for being diligent and fixing the issue in a timely manner.

Edited by gkterry, 11 June 2010 - 22:40.

Current Favorite Pens: Aurora Talentum, Pelikan Polar Lights and Bexley 10th Anniversary


#112 Spector

Spector

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 348 posts
  • Location:USA
  • Flag:

Posted 11 June 2010 - 22:45

Good to hear that everything is ok now. :D
Posted Image "Facts do not cease to exist because they are ignored" -Aldous Huxley

Parker 45 F, Lamy Safari EF, Lamy 2000 F, TWSBI Diamond 530 F, Reform 1745 F, Hero 616 F, Pilot Varsity F, Pilot 78g F,

#113 jpl

jpl

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 395 posts

Posted 11 June 2010 - 23:22

Of those who got infected may I know the antivirus you were using? I use Nod32 from ESET and did not got infected.

#114 pen2paper

pen2paper

    arty o the irst art

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPipPip
  • 5,081 posts

Posted 11 June 2010 - 23:35

drown the hacker in a vat of BSB
pierce the area where the heart ought be with a biro
in whatever order is most effective

bless AVG-free



Posted Image~Hi! fountain pen enthusiast here~

#115 esterbex

esterbex

    Rightly seasoned

  • Premium - Emerald

  • PipPipPipPipPipPipPipPipPip
  • 2,865 posts
  • Location:Capone's Hideout, Arkansas
  • Flag:

Posted 12 June 2010 - 00:07

Whew! I thought I had been kicked out and was stressing over what I could have done wrong....
I was Jonesin' pretty bad....
Thanks for your diligence....
God is seldom early, never late, and always on time. ~~Larry Brown

#116 Pippin60

Pippin60

    Still tilting at windmills

  • Member - Gold

  • PipPipPipPipPipPipPipPipPip
  • 2,334 posts
  • Location:New Jersey, USA

Posted 12 June 2010 - 00:08

A big thank you to all those who worked to re mediate the problem. From experience I know it takes a lot of work. Posted ImagePosted Image

I was starting to go through withdrawals.

The difference between the almost right word & the right word is really a large matter--it's the difference between the lightning bug and the lightning.
- Mark Twain in a Letter to George Bainton, 10/15/1888


#117 Alice L

Alice L

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 444 posts
  • Location:Washington State
  • Flag:

Posted 12 June 2010 - 00:16

Another heartfelt thanks to the Admin team for all they did to get FPN back in business! :thumbup: I could hardly have been much fun for them, and it certainly was no fun for the rest of us. Funny how isolated I felt being unable to check in with the FPN family :huh:

#118 StyloBug33

StyloBug33

    Paper Junkie

  • Premium - Ruby

  • PipPipPipPipPipPipPipPip
  • 936 posts
  • Location:Indiana

Posted 12 June 2010 - 00:44

I didn't even know about the problem until evidently shortly before it was fixed (and after it had been taken down and replaced with a static placeholder page).

Out of morbid curiosity, when did this whole mess start?

June 8, early morning EST.

A few hours later it was fixed, but Google didn't agree yet, leading to a lot of extra work (which wasn't removing malware) ...

Warm regards, Wim



So, would it be reasonable to understand that if we didn't log on during this time, then we wouldn't have a problem?
God put me on this earth to accomplish a certain number of things. Right now I am so far behind, I will never die.
-Bill Waterson

#119 Journaleur

Journaleur

    Extremely Rare

  • Member - Gold

  • PipPipPipPipPipPip
  • 211 posts

Posted 12 June 2010 - 00:47

To the cracker: (Rough English translation of a Yiddish curse): May you grow like an onion, with your head in the ground.!

To the Admin: When I saw the notice I was angry and optimistic. Angry at the cracker who did this to my favorite site. Optimistic that the Admins would get it straightened out. And you did! Thanks people for all the good work to do to keep FPN up and running. Much appreciations.
There will be no crisis this week. My calendar is already full.

#120 wimg

wimg

    Stip Etruria nut :)

  • FPN Admin

  • PipPipPipPipPipPipPipPipPipPipPipPipPip
  • 21,041 posts
  • Location:Maastricht, Netherlands, EU
  • Flag:

Posted 12 June 2010 - 00:50

I didn't even know about the problem until evidently shortly before it was fixed (and after it had been taken down and replaced with a static placeholder page).

Out of morbid curiosity, when did this whole mess start?

June 8, early morning EST.

A few hours later it was fixed, but Google didn't agree yet, leading to a lot of extra work (which wasn't removing malware) ...

Warm regards, Wim



So, would it be reasonable to understand that if we didn't log on during this time, then we wouldn't have a problem?

That is correct.

Warm regards, Wim

the Mad Dutchman
laugh a little, love a little, live a lot; laugh a lot, love a lot, live forever





[Sponsored Content]