Jump to content


Photo

Malware Spam Attack 2013-04-19


  • Please log in to reply
41 replies to this topic

#31 inkstainedruth

inkstainedruth

    Donor Pen

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPip
  • 4,053 posts
  • Flag:

Posted 22 April 2013 - 01:38

:yikes:
Wow, now I'm glad I didn't have time to log in on Friday (I spent most of the day with my hands in marzipan), then was out of town for the weekend.
Thanks for getting stuff back on line ASAP. Hopefully once the upgrades get done it won't be too long to get the skins back as well (I've gotten very used to looking at mine :rolleyes:).
As to nikoskard's question, I can only think of two possible answers:
1) it was practice for attacking a much more strategic site; or
2) some people are just vandals, the same way those who have nothing better to do than spray-paint graffiti tags (years ago, I was on a trip to Italy with my parents, and my brother, dad and I climbed up into the dome of St. Peter's Basilica in the Vatican, and some guy was writing his name on the wall -- in a CHURCH, no less... :blink:).
Ruth Morrisson aka inkstainedruth

"It's very nice, but frankly, when I signed that list for a P-51, what I had in mind was a fountain pen."

#32 SamCapote

SamCapote

    Got Warm Milk?

  • Member - Gold & Supporter

  • PipPipPipPipPipPipPipPipPipPip
  • 4,136 posts
  • Location:USA (CT)
  • Flag:

Posted 23 April 2013 - 01:41

Man!!! If it's not one thing it's another. Sorry this forum takes so much of your time and energy, but know that it is appreciated. I keep checking for the Iridium donor thing so I can help out.
With the new FPN rules, now I REALLY don't know what to put in my signature.

#33 pokermon

pokermon

    Vintage

  • Premium - Emerald

  • PipPipPipPipPipPipPip
  • 565 posts
  • Location:Los Angeles, California, USA
  • Flag:

Posted 23 April 2013 - 05:32

Good job on handling the mess admin team. Can't say enough how much the community here appreciates the hard work you guys put in to keep this place awesome!
-Tommy
Pen blog of current inventory

Enjoy life, and keep on writing!
-Tommy

#34 Sasha Royale

Sasha Royale

    Museum Piece

  • Member - Gold

  • PipPipPipPipPipPipPipPipPipPipPip
  • 6,860 posts
  • Flag:

Posted 23 April 2013 - 06:06

Thanks for a great job !

Now, let's hunt them down and kill them.

#35 wimg

wimg

    Stip Etruria nut :)

  • Admin

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 18,683 posts
  • Location:Maastricht, Netherlands, EU
  • Flag:

Posted 23 April 2013 - 10:10

Man!!! If it's not one thing it's another. Sorry this forum takes so much of your time and energy, but know that it is appreciated. I keep checking for the Iridium donor thing so I can help out.

Hi Sam,

I am afraid that will have to wait now until after the board software upgrade, which now is #1 priority. We have everythign at the ready for it, barrign th econfiguration set up. However, with two attacks in about a month and a half, we need to get the board software sorted (read: upgraded) first. And this happens to be a lot of work, unfortunately, in a preparatory sense, and from an execution POV as well.

Warm regards, Wim

the Mad Dutchman
laugh a little, love a little, live a lot; laugh a lot, love a lot, live forever


#36 wimg

wimg

    Stip Etruria nut :)

  • Admin

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 18,683 posts
  • Location:Maastricht, Netherlands, EU
  • Flag:

Posted 23 April 2013 - 23:34

Ok, split off a new malware topic to CF.

If you can't find your post here anymore, please check the Community Feedback forum, where we will try to gather as much information as possible.

Warm regards, Wim

the Mad Dutchman
laugh a little, love a little, live a lot; laugh a lot, love a lot, live forever


#37 carlos.q

carlos.q

    Collectors Item

  • Member - Gold

  • PipPipPipPipPipPipPipPip
  • 918 posts
  • Location:On a hill in Puerto Rico
  • Flag:

Posted 24 April 2013 - 01:32

Just to inform that today I have had 2 separate incidents where I click on one of the "Recent Topics" and I am redirected to a porn site. If I go back and click it again I am taken to the proper thread. It seems that some kind of malware remains.

Edit: just read the CF thread, and it seems I am not the only one with this.. Hmmm... problem. :blush:

Edited by carlos.q, 24 April 2013 - 01:40.


#38 wimg

wimg

    Stip Etruria nut :)

  • Admin

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 18,683 posts
  • Location:Maastricht, Netherlands, EU
  • Flag:

Posted 24 April 2013 - 10:00

Update:

We were already convinced of this, but it is confirmed: we are 100% sure now it s not FPN. Apart from the extra checks we did ourselves yesterday, the server hosting admins worked through the night to do more and very extensive server scans and checks, including checking of log files and monitoring traffic from and to FPN. The verdict: We are squeaky clean.

Anything linking to a source unexpectedly outside of FPN, is not caused by anything on or from FPN - it appears to be a cacheing and/or DNS replication problem, IOW, completely outside of FPN control.

As far as cacheing is concerned, please do clear your caches and temp files, while not being logged in to any site, just a blank browser screen. Once done, close the browser, and start again. Also, assuming you all already use anti-virus programs etc., I'd suggest you start using a firewall program as well if you don't do so already. If you don't, I'd suggest ZoneAlarm, http://www.zonealarm.com, which has two free versions available, one firewall + antivirus, and one firewall only, which are extremely effective and very easy to setup and use - highly recommended.

If it still happens after clearing your browser caches and temp files, I am afraid the DNS replication servers in your specific path to FPN are compromised. In such cases, it is best to contact your ISPs about this.

HTH, warm regards, Wim

the Mad Dutchman
laugh a little, love a little, live a lot; laugh a lot, love a lot, live forever


#39 jacksterp

jacksterp

    Vintage

  • Member - Gold

  • PipPipPipPipPipPipPip
  • 400 posts
  • Location:NC
  • Flag:

Posted 28 April 2013 - 04:37

This is one of my most favorite places on the internet. I don't understand what happened - but I'm glad you got it fixed.

 

Thanks to everyone for their hard work and dedication!


Fool me once, shame on you.
Fool me twice; damn
There goes that fox again.

#40 YeOlCaptain

YeOlCaptain

    Mint

  • Member - Silver

  • PipPipPipPip
  • 58 posts
  • Location:California
  • Flag:

Posted 27 November 2013 - 00:37

thanks



#41 YeOlCaptain

YeOlCaptain

    Mint

  • Member - Silver

  • PipPipPipPip
  • 58 posts
  • Location:California
  • Flag:

Posted 27 November 2013 - 00:38

Can this affect our computers?



#42 pakmanpony

pakmanpony

    Say that again, I have a pen here somewhere...

  • Moderators

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 17,023 posts
  • Location:Arkansas, USA
  • Flag:

Posted 27 November 2013 - 02:44

No effect on our computers. But this happened back in April before you were a member.