Requesting a little more info on our hacker....

[tobaccoleaf1]

Why would someone want to hack cigarpass? What do they stand to gain? The only real sensitive info is our e-mail addresses...Rod mentioned something about a virus, any one seeing symptoms? Do we know what virus this is? Just curious as to the motive for hacking us bunch of smokin' fools...


Ian

 

[Matt R]

They use the e-mail database to send out spyware/spam.

 

[CoventryCat86]

Many other Invision board were hacked recently.

 

[Rod]

We've applied all updates to the board, and at this time are "hack-proof" as we know it. The hacker didn't upload a virus to the site, rather, changed a setting so that when you login as a member, it forwards you to a website which is full of virus's. The hacker did not gain any personal information. I am very sorry for those who were infected. We'll do our best on this end to make sure it never happens again.

As to who it was is anyone's guess. I traced the IP back to Russia. Usually people who hack forums are script-kiddies who have nothing better to do. Usually 12 or 13 years old, they get their hands on a hacking script, and they see screwing other people as fun.

 

[Devil Doc]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

 

[Tenpin]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

I run Norton (up to date) and some of the viruses still got through.
They did appear to clean up successfully tho, when I ran a scan.

Jim

 

[junkman_56]

McAfee VirusScan has "On Access" scan that checks everything coming across my internet connection before it reaches the computer.
It caught all the viruses, deleted them and displayed what was deleted.
I forwarded this info to Rod on the day of the attack.

 

[AVB]

Hackers hack because they can. The resultent fallout isn't important as long as you can claim to have done it.

 

[Mrepp]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

How often dose one get laid in Naples by a complete stranger?

 

[Zeebra]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

How often dose one get laid in Naples by a complete stranger?

Speak for yourself! :whistling:

 

[Devil Doc]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

How often dose one get laid in Naples by a complete stranger?

Perhaps you should consult the 6th Fleet. :whistling:

Doc.

 

[centurycigar]

I got nailed even with AVG and Windows Defender, Ive run scans and its seems that the virus wants to stick around.
Not sure if its a virus, AVG keeps finding Java/Byteverify ! Not sure what this is.
Can anybody give me some advice?

 

[NullSmurf]

We've applied all updates to the board, and at this time are "hack-proof" as we know it. The hacker didn't upload a virus to the site, rather, changed a setting so that when you login as a member, it forwards you to a website which is full of virus's. The hacker did not gain any personal information. I am very sorry for those who were infected. We'll do our best on this end to make sure it never happens again.

As to who it was is anyone's guess. I traced the IP back to Russia. Usually people who hack forums are script-kiddies who have nothing better to do. Usually 12 or 13 years old, they get their hands on a hacking script, and they see screwing other people as fun.

Its possible that the source IP was spoofed, but also possible that the attacker in RU land didn't care if you trace. RU providers don't play well in the global sandbox, and the majority of tier 1 providers don't have the balls to do anything about it. Black holing (bad guy) IP space at the Tier 1 level is almost unheard of since its too easy to hide the real source. Pray for IPv6!

I believe CP was never actually touched by a human, but rather by a script developed by one of those scum de la scum with the skills. CP got hit within a day of Invision becoming aware of the script, well prior to Rod being able to deploy the patch. I use a PHPBB2 and see scripts against my shields every hour of every day.

As to the individual attack, I'll speculate that the writer was after marketable information, not from the board, but from you. The trojan most likely didn't have access to our info directly, but was able to transmit an admin email to us with the links. It was also able to rewrite some code to redirect you to his trap site. Had you actually loaded any of the trojans on the attacker site, you might want to watch your credit card bills.

I almost never surf using IE. I use FF and Netscape. I have a family subscription to McAfee and am configured to check for updates twice a day.

 

[Mrepp]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

How often dose one get laid in Naples by a complete stranger?

Perhaps you should consult the 6th Fleet. :whistling:

Doc.

Ah that fleet, that explains you contest awhile back:

“why dose it hurt when I pee”

 

[muddstick]

Going on the internet with out AV protection is like going to Naples without condoms. Freakin' dumb. If someone here got infected it's no one's fault but your own.

Doc.

What do I care....I am never going back there again! :laugh:

 

[Pompous Pugs]

I got hit by the virus twice. Good Old Norton popped up a sign saying "Virus Detected, Unable to delete." Of course the idiot I am came back to CPass a second time thinking that surely it was a mistake.

Was able to remove it--i think. Trojan Horse (xpladv553[1].wmf)

My theory is that Norton Anti-virus has an entire floor for virus developers to create new viruses so that they can suck an annual fee out of us users.

 

[OpusXKC]

All I have to say is Linux. Virus? What's a virus :laugh:

 

[Wurm]

All I have to say is Linux. Virus? What's a virus :laugh:

Sorry man, there are plenty of linux viruses out there, and more are being programmed every day.

And since IBM decided to switch completely to Redhat (good news IMO) more larger corperations are going to make the switch and the more interest the virus writing dickweeds will be motivated to bring new ones into the wild.

 

[Zeebra]

All I have to say is Linux. Virus? What's a virus :laugh:

Sorry man, there are plenty of linux viruses out there, and more are being programmed every day.

And since IBM decided to switch completely to Redhat (good news IMO) more larger corperations are going to make the switch and the more interest the virus writing dickweeds will be motivated to bring new ones into the wild.

I work for IBM and I haven't heard about switching over to Linux? ???

 

[Wurm]

I got nailed even with AVG and Windows Defender, Ive run scans and its seems that the virus wants to stick around.
Not sure if its a virus, AVG keeps finding Java/Byteverify ! Not sure what this is.
Can anybody give me some advice?

How up to date was your AVG? Mine stopped it dead in its tracks.

Tryout SPYBOT

http://www.safer-networking.org/

It might get rid of it for you if your AVG can't / won't.

All I have to say is Linux. Virus? What's a virus :laugh:

Sorry man, there are plenty of linux viruses out there, and more are being programmed every day.

And since IBM decided to switch completely to Redhat (good news IMO) more larger corperations are going to make the switch and the more interest the virus writing dickweeds will be motivated to bring new ones into the wild.

I work for IBM and I haven't heard about switching over to Linux? ???

http://www.neoseeker.com/news/story/5436/

It might just be in Germany, but we shall see...