Author Topic: Virus  (Read 2033 times)

0 Members and 1 Guest are viewing this topic.

Offline Rick Couchman

  • Administrator
  • Rookie
  • *****
  • Posts: 931
    • View Profile
Virus
« on: December 02, 2014, 11:17:06 AM »
Our server got hacked a few weeks ago.  There's a lingering file somewhere on our server that is still listed as malware.  Problem is I don't know where it is - a few people here have said a warning comes up.

If you see a warning - please lemme know the details that you see - name of the virus alert, whether it's on our front page of TMLfans, or if it's in the forums - and does it come up on a specific thread or forum??

Thanks!

Offline Heroic Shrimp

  • Veteran
  • ****
  • Posts: 2664
    • View Profile
Re: Virus
« Reply #1 on: December 02, 2014, 11:39:24 AM »
My alert to "Mal/HTML-Gen-A" came up when refreshing "recent posts" in the forums.
Supersize my Freedom Fries

Offline Rick Couchman

  • Administrator
  • Rookie
  • *****
  • Posts: 931
    • View Profile
Re: Virus
« Reply #2 on: December 02, 2014, 11:48:46 AM »
Hmm.  That's a start!  Anyone else get any warnings of any kid?  I can't seem to find the one HS found.  I need better scanning!!

Offline LittleHockeyFan

  • BearyBest Leaf Fan
  • Global Moderator
  • Veteran
  • *****
  • Posts: 3668
  • game ON!
    • View Profile
Re: Virus
« Reply #3 on: December 02, 2014, 01:33:20 PM »
I'm on a Mac, but I have to admit that for the first time in my entire computer using life, we had a virus on one up until yesterday. It was on my safari, buggered up my google (kept defaulting to bing, even though I set google as the preferred search engine...) I don't remember exactly what it was but it had minbari in its name... and it was targetting OSX specifically.  If that helps you at all....... (I'm not saying I got the virus from here, but I did apparently download it from someplace)

Offline Rick Couchman

  • Administrator
  • Rookie
  • *****
  • Posts: 931
    • View Profile
Re: Virus
« Reply #4 on: December 02, 2014, 01:38:55 PM »
The hack & virus that got us was an automated phishing one.  Some lowlife hacked into the server then used scripts that created fake bank pages.  Ever seen an email in your spam mailbox that says "Your account at XXX bank has been changed.  Please log in here".  That place you then supposedly go to is on a hacked fake page on our server ;)  The lowlife gets your real login and password from this page, then THEY go to the real bank page and use your login/password to access your account.

Offline Heroic Shrimp

  • Veteran
  • ****
  • Posts: 2664
    • View Profile
Re: Virus
« Reply #5 on: December 02, 2014, 01:45:36 PM »
The hack & virus that got us was an automated phishing one.  Some lowlife hacked into the server then used scripts that created fake bank pages.  Ever seen an email in your spam mailbox that says "Your account at XXX bank has been changed.  Please log in here".  That place you then supposedly go to is on a hacked fake page on our server ;)  The lowlife gets your real login and password from this page, then THEY go to the real bank page and use your login/password to access your account.
Wait a second... you're telling me I can no longer do my RBC banking at TMLfans.ca...?
Supersize my Freedom Fries

Offline Rick Couchman

  • Administrator
  • Rookie
  • *****
  • Posts: 931
    • View Profile
Re: Virus
« Reply #6 on: December 02, 2014, 01:49:00 PM »
Wait a second... you're telling me I can no longer do my RBC banking at TMLfans.ca...?
The International Bank of Couchman   8)
« Last Edit: December 02, 2014, 01:54:38 PM by Rick »

Offline LittleHockeyFan

  • BearyBest Leaf Fan
  • Global Moderator
  • Veteran
  • *****
  • Posts: 3668
  • game ON!
    • View Profile
Re: Virus
« Reply #7 on: December 02, 2014, 03:50:52 PM »
Wait a second... you're telling me I can no longer do my RBC banking at TMLfans.ca...?
The International Bank of Couchman   8)

LMAO

Online herman

  • All Star
  • *****
  • Posts: 7865
  • Gender: Male
    • View Profile
Re: Virus
« Reply #8 on: December 02, 2014, 06:26:07 PM »
My alert to "Mal/HTML-Gen-A" came up when refreshing "recent posts" in the forums.

My anti-virus (Sophos) is blocking the tmlfans domain for the above piece of malware. You can submit a Reassessment Request with them to see if the virus remnant is still lingering. From what their forums say, they might be able to help you clear it up if it turns out to still be on your web server, or remove your domain from the naughty list.

Offline Heroic Shrimp

  • Veteran
  • ****
  • Posts: 2664
    • View Profile
Re: Virus
« Reply #9 on: December 03, 2014, 08:52:49 AM »
My alert to "Mal/HTML-Gen-A" came up when refreshing "recent posts" in the forums.

My anti-virus (Sophos) is blocking the tmlfans domain for the above piece of malware. You can submit a Reassessment Request with them to see if the virus remnant is still lingering. From what their forums say, they might be able to help you clear it up if it turns out to still be on your web server, or remove your domain from the naughty list.
Same antivirus and response for me. I sent a reassessment request last night. I'll let the forum know if I get a response.
Supersize my Freedom Fries

Offline Heroic Shrimp

  • Veteran
  • ****
  • Posts: 2664
    • View Profile
Re: Virus
« Reply #10 on: December 03, 2014, 11:11:26 AM »
My alert to "Mal/HTML-Gen-A" came up when refreshing "recent posts" in the forums.

My anti-virus (Sophos) is blocking the tmlfans domain for the above piece of malware. You can submit a Reassessment Request with them to see if the virus remnant is still lingering. From what their forums say, they might be able to help you clear it up if it turns out to still be on your web server, or remove your domain from the naughty list.

Same antivirus and response for me. I sent a reassessment request last night. I'll let the forum know if I get a response.

No direct response from Sophos at this time, although my computer does now directly access the forums again without being blocked or warned.
Supersize my Freedom Fries

Offline Rick Couchman

  • Administrator
  • Rookie
  • *****
  • Posts: 931
    • View Profile
Re: Virus
« Reply #11 on: December 03, 2014, 01:07:19 PM »
Are the virus warnings gone today?  Anyone?  I did a HUGE overhaul last night.

Offline Heroic Shrimp

  • Veteran
  • ****
  • Posts: 2664
    • View Profile
Re: Virus
« Reply #12 on: December 03, 2014, 04:06:50 PM »
Are the virus warnings gone today?  Anyone?  I did a HUGE overhaul last night.

I'm all clear today, thank you.
Supersize my Freedom Fries

Offline seahawk

  • Site Contributor
  • Rookie
  • *
  • Posts: 877
  • Gender: Male
    • View Profile
Re: Virus
« Reply #13 on: December 05, 2014, 10:16:16 AM »
I'm still getting warnings through Norton, but just found how to resubmit the site for review.

Rick, the site report also mentions this, "http://tmlfans.ca/g_doc/index.php" if that helps at all.
« Last Edit: December 05, 2014, 10:19:13 AM by seahawk »

TMLfans.ca

Re: Virus
« Reply #13 on: December 05, 2014, 10:16:16 AM »