UPDATE: Malware distributed through Front Page

Discussion in 'Announcements' started by SeanieB, Jul 22, 2012.

  1. Retroman

    Retroman

    Member
    718
    1
    18
    I wonder how the site got attacked in the first place?

    Wait, it didn't got attacked, a malware code was found in the wordpress login. Could it be that someone hacked it and put their malware code, or it's just a case of an infected machine?

    I would guess the answer is the infected machines accessing wordpress, maybe a member logged in to comment while not realizing the computer was infected by a type of malware, and the person didn't clear his cookies and somehow the malicious software injected a harmful code with the user session not logged out.
     
  2. SeanieB

    SeanieB

    Chief Server Monkey Administrator
    449
    0
    16
    San Diego, CA
    Fixing Sonic Retro
    No, it was vulnerable code somewhere in wordpress. It's a widespread problem as of right now.
     
  3. Crasher

    Crasher

    Why hello there! Member
    369
    0
    16
    Well, it's stopped saying: LOL MALWARE. I guess that's good.
     
  4. SeanieB

    SeanieB

    Chief Server Monkey Administrator
    449
    0
    16
    San Diego, CA
    Fixing Sonic Retro
    Okay, I've put a "dead man's switch" in place, where if code gets inserted (I am fairly sure at this point it's being done by bots) it will kill the front page, and no output will be sent at all. This should prevent the chance that infected code is ran and will provide a fail-safe until attention can be paid.
     
  5. Google's stopped giving me attack page warnings for Retro, now.
     
  6. Mecha Sally

    Mecha Sally

    Oldbie
    1,302
    1
    18
    I tried to come on here yesterday and Firefox stopped me saying there was a problem. Good thing I listened to that warning. O_O I'll still scan my computer though just to be safe. Thanks for the heads-up.
     
  7. Sun

    Sun

    Member
    34
    0
    0
    By any chance this malware could steal saved passwords in Firefox? If so, then I got a lot of pass changing to do. However, it's worth noting that my computer did NOT pick up anything when I ran that one virus scanner Retro linked to.