Jasoco Posted March 1, 2005

I'm shocked. And I've emailed Joe Santulli about it. Apparently, someone has hacked the Title portion of the phpBB's code so instead of displaying the title, the code where the title belongs has been replaced with a META tag that redirects you to a page (Which I will not post here.) containing a silly little fake message telling you in order to view the forums, you need a new plug-in. It is to laugh.

> Due to the recent large volume of traffic we've been recieving, we have re-built our site to use a new framework which will speed things up significantly. This new system requires that you download a plugin in order to be able to access our site. Don't worry, this plugin won't harm your computer in any way, it will only enable your browser to communicate with our server more efficiently. You cannot view our site until you've installed this plugin. Make sure you chose 'run' when asked what you want to do with this file.
>
> Click here to install (147 KB)

Whatever you do, DO NOT RUN this program. It is most likely spyware or a virus. Either way, being on a Mac, I'm immune, but annoyed I can't even get to the forums. But at least I can warn people.

It's funny, I wonder how they did it. Whoever they is.

And if you don't know what a Digital Press is, disregard this message. Okay, so I just wanted to post about it.

Thomas Jentzsch Posted March 1, 2005

Has happened here too.

http://www.atariage.com/forums/viewtopic.p...=asc&highlight=

christianscott27 Posted March 1, 2005

from the DP yahoo group

> WARNING :: WARNING :: WARNING :: WARNING :: WARNING
>
> The Digital Press forums are currently asking anyone visiting to install an executable file. DO NOT DOWNLOAD OR RUN THIS PROGRAM. It contains a TROJAN DOWNLOADER program called Worm/VB.CT - this has been inserted by a phpBB exploit and is NOT something necessary to access the forums.
>
> Repeating: DO NOT DOWNLOAD OR RUN THE EXECUTABLE FILE. If you have done so, please update your antivirus and malware software and scan your system IMMEDIATELY.
>
> Earl Green a.k.a. "Phosphor Dot Fossils"
> Digital Press Retrogaming Roundtable Admin
> EG (pdf)

Sauza12 Posted March 1, 2005

What the hell? Is someone on an unholy crusade to destroy video games? Another site I go to (rfgeneration.com) looks like it has been hacked too.

Thomas Jentzsch Posted March 1, 2005

Both sites don't load on my PC anymore. Are they down now?

NE146 Posted March 1, 2005

> What the hell? Is someone on an unholy crusade to destroy video games? Another site I go to (rfgeneration.com) looks like it has been hacked too.

Actually someone is on a crusade against phpBB boards. Maybe we should all move back to Usenet

+-^CrossBow^- Posted March 1, 2005

Yeap...last night CAG forums were hit also. They already got it fixed and taken care of. So by the time I even found out about it...they were already back up and going strong again.

But yeah..it seems strange that all these PHP based boards are getting hit like this. By any chance, do most of these boards operate from a single PHP master server? For instance is some server involved in the PHP forum process outside of the normal host? Because this only makes sense if like one or two servers were actually targeted and hit and then of course it propagated to all Forums networking through them.

Albert Posted March 1, 2005

> But yeah..it seems strange that all these PHP based boards are getting hit like this. By any chance, do most of these boards operate from a single PHP master server? For instance is some server involved in the PHP forum process outside of the normal host?

Nope, all these servers run independently of one another and they were all hacked separately. After examining our server logs, it became obvious that someone simply stepped through the list of phpBB forums at big-boards.com. After I fixed our forums, I took a look through the forums linked at big-boards.com, and many of them were also hacked in the same fashion (this includes DP, which is on the list).

phpBB has been a big target lately for exploits of this nature. It seems to be the Microsoft Windows of forum software. I'll be glad when we get the hell away from it.

..Al

Hydian Posted March 2, 2005

They're using google to find phpbb sites. It's a known vulnerability and a patch has been available for a while. Our guild site was hit a little while back as well.

Albert Posted March 2, 2005

> They're using google to find phpbb sites. It's a known vulnerability and a patch has been available for a while. Our guild site was hit a little while back as well.

This is actually an entirely different vulnerability that was only revealed on Sunday (two days ago).

..Al

Crimefighter Posted March 2, 2005

phpBB is crap.

Jasoco Posted March 2, 2005

If you guys do decide to switch to a new software, make sure you use one that can import all our info like MacAddict did. Nothing worse or more of a turn off than an empty forum, especially to newcomers.

Albert Posted March 2, 2005

> If you guys do decide to switch to a new software, make sure you use one that can import all our info like MacAddict did. Nothing worse or more of a turn off than an empty forum, especially to newcomers.

We long ago decided to move to new software because of other, entirely different problems with phpBB. However, nothing lights a fire under your ass like actually getting your forum hacked.

..Al

liquid_sky Posted March 2, 2005

>> If you guys do decide to switch to a new software, make sure you use one that can import all our info like MacAddict did. Nothing worse or more of a turn off than an empty forum, especially to newcomers.
>
> We long ago decided to move to new software because of other, entirely different problems with phpBB. However, nothing lights a fire under your ass like actually getting your forum hacked.
>
> ..Al

Do you think that Invision's licensing is set up to better inform users of problems before things like this arise?

NE146 Posted March 2, 2005

Hey for kicks you should just go back to the Nexus style forums and see what people say

Albert Posted March 2, 2005

> Do you think that Invision's licensing is set up to better inform users of problems before things like this arise?

No, not really. I have seen some patches released for IPB, but I don't think it's being targeted by hackers as heavily as phpBB is. Because IPB is no longer free, it will not be used by as many sites as phpBB, and it's often the most visible target (phpBB in this case) that gets attacked. It's also possible that the phpBB code has more vulnerabilities in it, but that's a difficult thing to prove.

..Al

liquid_sky Posted March 2, 2005

>> Do you think that Invision's licensing is set up to better inform users of problems before things like this arise?
>
> No, not really. I have seen some patches released for IPB, but I don't think it's being targeted by hackers as heavily as phpBB is. Because IPB is no longer free, it will not be used by as many sites as phpBB, and it's often the most visible target (phpBB in this case) that gets attacked. It's also possible that the phpBB code has more vulnerabilities in it, but that's a difficult thing to prove.
>
> ..Al

Yeah, it could be argued either way that the open source nature (Or IS phpbb open? I forget) gave people more chances to try exploits but at the same time should give the community a chance to see these bugs prior to migrating the software all over the web.

Albert Posted March 2, 2005

> Hey for kicks you should just go back to the Nexus style forums and see what people say

I have a feeling they would not be saying very much at all.

..Al

Albert Posted March 2, 2005

> Yeah, it could be argued either way that the open source nature (Or IS phpbb open? I forget) gave people more chances to try exploits but at the same time should give the community a chance to see these bugs prior to migrating the software all over the web.

The source code for both forums is available, I don't think that alone has any bearing on the large number of phpBB exploits. IPB is a commercial application, yes, but you can view the code for it just as easily as you can for phpBB.

..Al

Albert Posted March 2, 2005

Whoops, I spoke a bit too soon, looks like IPB is now encoding the trial versions with Zend and Ion Cube to prevent you from looking at the source until you purchase it.

..Al

+Mitch Posted March 2, 2005

> Hey for kicks you should just go back to the Nexus style forums and see what people say

Hmm, are you talking about the original Nexus boards? I think those were on some freebie public message board. Man that was a long time ago... Anyone else still around from those days?

Mitch

+-^CrossBow^- Posted March 2, 2005

> Hmm, are you talking about the original Nexus boards? I think those were on some freebie public message board. Man that was a long time ago... Anyone else still around from those days?

<---- me raises hand....

Thomas Jentzsch Posted March 2, 2005

Yup.

vb_master Posted March 2, 2005

When's the forum update?

Hydian Posted March 2, 2005

Did they release a patch Al, or just a warning? It's only a matter of time before they get back around to us I guess.