Page Index Toggle Pages: 1 [2] 
There are no actions to perform.
Very Hot Topic (More than 25 Replies) Grrrr - another Server Farm blitzo - (Read 6,840 times)
Elrick.
Forum Moderator
YaBB Moderators
Beta Testers
*****
Offline



Posts: 170
Location: Edge of the Abyss

YaBB 2.6.1
Re: Grrrr - another Server Farm blitzo -
Reply #15 - Feb 2nd, 2013 at 3:18pm
There are no actions to perform.
Quick and effective actions Jon. You could have had a lying in for a while were it not for those hackers!. Wink áYou can set up 'cron jobs' in cpanel. Those are scripts that run at specific commands on htacces file and send the hackers a nice present (like run disk reconfig)!!! with a bit of malware from your thoughts!! Roll Eyes So they wont forget you!!.

Time to reconsider Admin Update Insert as optional?
  

There is no direct experience of reality without interpretation; and all interpretation is corrupted by the cultural and personal prejudices or prejudgments of the interpreter. ~ Elrick
Back to top
 
IP Logged
 
Bill Myers
God Member
Beta Testers
*****
Offline



Posts: 1,816
Location: Los Angeles

YaBB 2.4
Re: Grrrr - another Server Farm blitzo -
Reply #16 - Feb 14th, 2013 at 9:32am
There are no actions to perform.
Jon, this forum is obviously up for me as of this post, but recently a couple of people seem to be having some trouble with it if you want to check things out.

Source:
Quote:
It seems the jackwads have jacked up yabbforum.com again. (Spammers)

Source:
Quote:
She's gone under again.

If it means anything, I am noticing something strange in the upper left hand corner of this forum. Maybe that will give you a clue about what could be happening, if anything is happening.

After all, as of this post at least, this forum is up for me.

Edited:
Upper left hand corner while using Chrome, Firefox, and Safari (looks kind of like a line of periods in Firefox). Internet Explorer seems fine, but it's actually happening with that browser as well (it simply disappears very quickly).

« Last Edit: Feb 14th, 2013 at 9:45am by Bill Myers »  

Morning, noon, or night, have a great one!

Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
Back to top
IP Logged
 
Derek Bullock
Ex Member


Re: Grrrr - another Server Farm blitzo -
Reply #17 - Feb 14th, 2013 at 9:56am
There are no actions to perform.
As of this very moment it is still not right.  I have bypassed my security settings to post this. Here is the warning.
  

attacks.png ( 59 KB | 59 Downloads )
attacks.png
Back to top
 
IP Logged
 
Derek Bullock
Ex Member


Re: Grrrr - another Server Farm blitzo -
Reply #18 - Feb 14th, 2013 at 9:57am
There are no actions to perform.
Same warning is coming up in my forum admin page
  
Back to top
 
IP Logged
 
Bill Myers
God Member
Beta Testers
*****
Offline



Posts: 1,816
Location: Los Angeles

YaBB 2.4
Re: Grrrr - another Server Farm blitzo -
Reply #19 - Feb 14th, 2013 at 10:06am
There are no actions to perform.
Quote:
As of this very moment it is still not right. áI have bypassed my security settings to post this. Here is the warning.

I can confirm what Derek has reported. I had forgotten this happened to me earlier, which is why I didn't report it here.

What I ended up doing was going through the process of that warning, and then clicking the link that stated yabbforum.com is not an attack site.

I should point out, too, that I got an online message after my report telling me that yabbforum.com was clear, and that it's not an attack site. So I don't know why that message is coming up.

I think what may have happened was that the spammers who got through numerous times back on February 1st caused this forum to be temporarily listed as an attack site.

« Last Edit: Feb 14th, 2013 at 10:33am by Bill Myers »  

Morning, noon, or night, have a great one!

Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
Back to top
IP Logged
 
Derek Bullock
Ex Member


Re: Grrrr - another Server Farm blitzo -
Reply #20 - Feb 14th, 2013 at 10:16am
There are no actions to perform.
All back to normal now.  Wish I had of captured the details from the warning page.  It definitely came from Google.

Also gone from my forum admin page.

To me what it says is the spammers are getting serious because we are being successful in stopping them from registering and posting. Smiley
  
Back to top
 
IP Logged
 
Derek Bullock
Ex Member


Re: Grrrr - another Server Farm blitzo -
Reply #21 - Feb 14th, 2013 at 10:18am
There are no actions to perform.
Quote:
All back to normal now. áWish I had of captured the details from the warning page. áIt definitely came from Google.

Also gone from my forum admin page.

To me what it says is the spammers are getting serious because we are being successful in stopping them from registering and posting. Smiley


I take that back my forum admin is trying to redirect to gabriellerosephotography.com

This sux
  
Back to top
 
IP Logged
 
Bill Myers
God Member
Beta Testers
*****
Offline



Posts: 1,816
Location: Los Angeles

YaBB 2.4
Re: Grrrr - another Server Farm blitzo -
Reply #22 - Feb 14th, 2013 at 10:28am
There are no actions to perform.
Quote:
I take that back my forum admin is trying to redirect to

Our 2.4 forum admin is operating normally. I wonder if this has anything to do with version 2.5.2 and how it relates to respective "What's new at YaBB?" sections?

In other words, can it be that malicious code has gotten through to this forum again, and as such, it would be getting through to every forum that opens its respective Admin Centers?

If so, is this affecting just 2.5.2 or previous versions as well since the same news/page feed would be coming through?

Maybe Jon can shed light on what could be going on.

Edited:
And he has! Smiley

JonB wrote on Feb 14th, 2013 at 6:02pm:
I can say this - I know exactly 'what' is happening (and what files get injections).


« Last Edit: Feb 14th, 2013 at 7:44pm by Bill Myers »  

Morning, noon, or night, have a great one!

Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
Back to top
IP Logged
 
westwegoman
Ex Member
**




None
Re: Grrrr - another Server Farm blitzo -
Reply #23 - Feb 14th, 2013 at 11:51am
There are no actions to perform.
It affects my admin centers every time yabbforum gets hacked. I have removed most of the links in the admin center, which has stopped it for the most part.

2.5AE and 2.5.2
  
Back to top
 
IP Logged
 
Derek Bullock
Ex Member


Re: Grrrr - another Server Farm blitzo -
Reply #24 - Feb 14th, 2013 at 1:48pm
There are no actions to perform.
Quote:
I take that back my forum admin is trying to redirect to gabriellerosephotography.com


Have located the code where this is coming from and posted it up on the Team Board for Jon to play with when he comes online.
  
Back to top
 
IP Logged
 
Dandello
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 2,765
Location: Earth

YaBB 2.6.1
Re: Grrrr - another Server Farm blitzo -
Reply #25 - Feb 14th, 2013 at 4:15pm
There are no actions to perform.
2.5.2 is running the same Admin.pl as 2.5AE - and the differences in code between 2.4 and 2.5 is cosmetic, not functional.
  

If you only have one solution to a problem you're not trying hard enough!
Back to top
WWW  
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,201
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: Grrrr - another Server Farm blitzo -
Reply #26 - Feb 14th, 2013 at 5:11pm
There are no actions to perform.
YET AGAIN

same dog poop - now cleaned up

Chief dog poop collector
Angry

  

yabb_clean-4_001.png ( 112 KB | 59 Downloads )
yabb_clean-4_001.png

I find your lack of faith disturbing.
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,201
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: Grrrr - another Server Farm blitzo -
Reply #27 - Feb 14th, 2013 at 5:16pm
There are no actions to perform.
I think I know what the hack is, but I do not have any of the needed resources to fully investigate and cure the problem - only the host is in that position.

But I will continue being the feces warden.

Lips Sealed

  

I find your lack of faith disturbing.
Back to top
IP Logged
 
Page Index Toggle Pages: 1 [2] 
There are no actions to perform.
Bookmarks: del.icio.us Digg Facebook Google Google+ Linked in reddit StumbleUpon Twitter Yahoo