Amiga.org

Amiga computer related discussion => General chat about Amiga topics => Topic started by: rockape on May 12, 2012, 12:04:09 AM

Title: "Amibay Hacked Beware ! "
Post by: rockape on May 12, 2012, 12:04:09 AM

Hi,

I tried logging into Amibay using an A1200 and got:

"Unable to add cookies, header already sent.
File: /homepages/1/d277227762/htdocs/amibay/forum/index.php(1) : eval()'d code
Line: 7"

Regards, Michael

aka rockape

Title: Re: "Amibay Hacked Beware ! "
Post by: CritAnime on May 12, 2012, 12:16:52 AM

Thats two Amiga websites going squiffy.

Title: Re: "Amibay Hacked Beware ! "
Post by: orb85750 on May 12, 2012, 12:19:22 AM

"Threat has been detected," says AVAST.

Title: Re: "Amibay Hacked Beware ! "
Post by: Akiko on May 12, 2012, 12:53:17 AM

Quote from: orb85750;692809

"Threat has been detected," says AVAST.

Got the same warning.

Title: Re: "Amibay Hacked Beware ! "
Post by: Duce on May 12, 2012, 12:57:44 AM

Yep - avoid it.

Title: Re: "Amibay Hacked Beware ! "
Post by: mfilos on May 12, 2012, 06:31:45 AM

Root indeed has issues but you can log at any Amibay address (for example new threads) just fine:
http://www.amibay.com/search.php?do=getnew

It seems that the initial page only has the issues and it's currently being looked for fixing.

Title: Re: "Amibay Hacked Beware ! "
Post by: Lurch on May 12, 2012, 08:13:12 AM

Hacked websites yet nobody appears to be overally concerned or upset? What has amiga.org got in place?

Aminet Amibay... someone is upset :-(

Title: Re: "Amibay Hacked Beware ! "
Post by: WotTheFook on May 12, 2012, 11:22:54 AM

It's not just Amiga sites (although you forgot ClassiAmiga that has also been hit).

Lots of sites are getting hacked in recent days, and not just vBulletin, but also WordPress, Joomla, and lots of others including popular ecommerce sites.

It's a random, 'carpet bombing' style of attack. A.org isn't safe from this either.

WotTheFook aka Merlin

Title: Re: "Amibay Hacked Beware ! "
Post by: golem on May 12, 2012, 01:16:44 PM

McAfee detects trojan JS-Exploit/Blacole.x

Title: Re: "Amibay Hacked Beware ! "
Post by: TheMagicM on May 12, 2012, 01:30:55 PM

I manage a few servers I built for customers.. they had that happen also, but it wasnt the server and site that was hacked... but the adware system that was installed.  As soon as you hit the site, it would want you to download an executable..which was a virus. Once I removed the "adware banners" software, cleaned up the database where adware banners kept its data, it was all good.

Title: Re: "Amibay Hacked Beware ! "
Post by: Piru on May 12, 2012, 01:44:40 PM

Quote from: TheMagicM;692911

I manage a few servers I built for customers.. they had that happen also, but it wasnt the server and site that was hacked... but the adware system that was installed.  As soon as you hit the site, it would want you to download an executable..which was a virus. Once I removed the "adware banners" software, cleaned up the database where adware banners kept its data, it was all good.

OpenX by any chance?

OpenX had a nasty Cross-Site Request Forgery vulnerability that's being exploited: http://www.infosecisland.com/blogview/21172-OpenX-CSRF-Vulnerability-Being-Actively-Exploited.html

However at least aminet incident wasn't case of OpenX banner since the actual site served the malicious javascript.