Welcome, Guest. Please login or register.

Author Topic: "Amibay Hacked Beware ! "  (Read 2748 times)

Description:

0 Members and 1 Guest are viewing this topic.

Offline rockapeTopic starter

  • Sr. Member
  • ****
  • Join Date: Nov 2005
  • Posts: 383
    • Show only replies by rockape
    • http://lincsamiga.org.uk/
"Amibay Hacked Beware ! "
« on: May 12, 2012, 12:04:09 AM »
Hi,

I tried logging into Amibay using an A1200 and got:

"Unable to add cookies, header already sent.
File: /homepages/1/d277227762/htdocs/amibay/forum/index.php(1) : eval()'d code
Line: 7"

Regards, Michael

aka rockape
"A veteran is someone who, at one point in their life wrote a blank check made payable to \'Their Country\' for an amount of \'up to and including their life\'.
 

Offline CritAnime

  • Previous Life Time Member
  • Hero Member
  • *****
  • Join Date: Jun 2011
  • Posts: 1143
    • Show only replies by CritAnime
Re: "Amibay Hacked Beware ! "
« Reply #1 on: May 12, 2012, 12:16:52 AM »
Thats two Amiga websites going squiffy.

Offline orb85750

  • Hero Member
  • *****
  • Join Date: Aug 2007
  • Posts: 1237
    • Show only replies by orb85750
Re: "Amibay Hacked Beware ! "
« Reply #2 on: May 12, 2012, 12:19:22 AM »
"Threat has been detected," says AVAST.
 

Offline Akiko

  • Hero Member
  • *****
  • Join Date: Jun 2002
  • Posts: 1026
    • Show only replies by Akiko
Re: "Amibay Hacked Beware ! "
« Reply #3 on: May 12, 2012, 12:53:17 AM »
Quote from: orb85750;692809
"Threat has been detected," says AVAST.


Got the same warning.
 

Offline Duce

  • Off to greener pastures
  • Hero Member
  • *****
  • Join Date: Jul 2009
  • Posts: 1699
    • Show only replies by Duce
    • http://amigabbs.blogspot.com/
Re: "Amibay Hacked Beware ! "
« Reply #4 on: May 12, 2012, 12:57:44 AM »
Yep - avoid it.
 

Offline mfilos

  • Hero Member
  • *****
  • Join Date: Aug 2005
  • Posts: 662
    • Show only replies by mfilos
    • http://mfilos.blogspot.com/
Re: "Amibay Hacked Beware ! "
« Reply #5 on: May 12, 2012, 06:31:45 AM »
Root indeed has issues but you can log at any Amibay address (for example new threads) just fine:
http://www.amibay.com/search.php?do=getnew

It seems that the initial page only has the issues and it's currently being looked for fixing.
Visit my Amiga blog here
- A600: Vampire V3, 128MB, A604n, 16GB CF, Indivision ECS, RapidRoad, MAS-Player + Custom Audio Mixer (internal), HxC SD + Slim floppy (internal)
 

Offline Lurch

  • Lifetime Member
  • Hero Member
  • *****
  • Join Date: Dec 2003
  • Posts: 1716
    • Show only replies by Lurch
Re: "Amibay Hacked Beware ! "
« Reply #6 on: May 12, 2012, 08:13:12 AM »
Hacked websites yet nobody appears to be overally concerned or upset? What has amiga.org got in place?

Aminet Amibay... someone is upset :-(
-=[LurcH]=-
A500 Plus Black 030@40MHz 128MB | A1200T 060@80MHz 320MB | Pegasos II G4@1GHz 1GB  | Amiga Future Sub
 

Offline WotTheFook

  • Full Member
  • ***
  • Join Date: Mar 2007
  • Posts: 159
    • Show only replies by WotTheFook
    • http://www.amibay.com
Re: "Amibay Hacked Beware ! "
« Reply #7 on: May 12, 2012, 11:22:54 AM »
It's not just Amiga sites (although you forgot ClassiAmiga that has also been hit).

Lots of sites are getting hacked in recent days, and not just vBulletin, but also WordPress, Joomla, and lots of others including popular ecommerce sites.

It's a random, 'carpet bombing' style of attack. A.org isn't safe from this either.

WotTheFook aka Merlin
 

Offline golem

  • Sr. Member
  • ****
  • Join Date: May 2002
  • Posts: 430
    • Show only replies by golem
Re: "Amibay Hacked Beware ! "
« Reply #8 on: May 12, 2012, 01:16:44 PM »
McAfee detects trojan JS-Exploit/Blacole.x
                                                             
A1200 desktop, Blizzard 1260, OS3.9BB2, Indivision Mk II, SCSI Jaz, Ethernet
A1200 desktop, Blizzard 1230, OS3.1, Ethernet
A500, OS1.3
 

Offline TheMagicM

  • Hero Member
  • *****
  • Join Date: Feb 2002
  • Posts: 2857
    • Show only replies by TheMagicM
    • http://www.BartonekDragRacing.com
Re: "Amibay Hacked Beware ! "
« Reply #9 on: May 12, 2012, 01:30:55 PM »
I manage a few servers I built for customers.. they had that happen also, but it wasnt the server and site that was hacked... but the adware system that was installed.  As soon as you hit the site, it would want you to download an executable..which was a virus. Once I removed the "adware banners" software, cleaned up the database where adware banners kept its data, it was all good.
PowerMac G5 dual 2.0ghz/128meg Radeon/500gb HD/2GB RAM, MorphOS 3.9 registered, user #1900
Powerbook G4 5,6 1.67ghz/2gb RAM, Radeon 9700/250gb hd, MorphOS 3.9 registered #3143
 

Offline Piru

  • \' union select name,pwd--
  • Hero Member
  • *****
  • Join Date: Aug 2002
  • Posts: 6946
    • Show only replies by Piru
    • http://www.iki.fi/sintonen/
Re: "Amibay Hacked Beware ! "
« Reply #10 on: May 12, 2012, 01:44:40 PM »
Quote from: TheMagicM;692911
I manage a few servers I built for customers.. they had that happen also, but it wasnt the server and site that was hacked... but the adware system that was installed.  As soon as you hit the site, it would want you to download an executable..which was a virus. Once I removed the "adware banners" software, cleaned up the database where adware banners kept its data, it was all good.

OpenX by any chance?

OpenX had a nasty Cross-Site Request Forgery vulnerability that's being exploited: http://www.infosecisland.com/blogview/21172-OpenX-CSRF-Vulnerability-Being-Actively-Exploited.html

However at least aminet incident wasn't case of OpenX banner since the actual site served the malicious javascript.
« Last Edit: May 12, 2012, 01:46:43 PM by Piru »