forum home | register | profile | members |search | faq
homepage | lost password? | chat room
|
|
QSA ToolWorks Public Feedback Forum forum home | register | profile | members |search | faq homepage | lost password? | chat room |
| QSA ToolWorks Public Feedback Forum > Forum Orientation > Compromised Forum Security | You are not logged in. Login or Register. |
| Pages: 1 |
|
| Author: | Topic: | |||
Matt Posts: 107 Registered: 2003-02-16  mstrange@mac.com  |
 Posted: Sep 06, 2003 4:40:26 pm    
To all Helix forum members, [In September, 2003] our php-based discussion forum was compromised and the list of users (and their passwords) was taken. We have taken care of the problem that allowed the compromise, but be aware that the password that you use to log in to the Helix Forum should be changed. If you have any problems changing your password, contact <mailto:helen@helixtech.com> or <mailto:matt@helixtech.com>. Please include "[FORUMS]" in your email subject so we can resolve it quickly, and be sure to tell us what your user name is. Thank you for your understanding, Matthew Strange Gil Numeroff and Helen (the Patron Saint of Helix, and Maintainer of the OS X Boxes) QSA ToolWorks, LLC ** Technical Details, For Those Who Care ** The purpose of the hack (perpetrated by some unknown entity with an IP address originating in Belarus) was to identify a user with admistration privileges, log in as that user, and install a Visual Basic script onto our pages. The ultimate intent was to modify computers running Microsoft Windows when they visited our forum, apparently to prepare them for some later use. (Probably as an open relay for UCE or as a drone for a DDoS attack.) According to our server log, we caught the intrusion before any Windows computers visited the forum. (Two Mac users did visit the forum during that time, but they were greeted with an alert that they needed to install a plug-in to fully view the page contents. To our knowledge, neither of the visitors followed that advice, but even if they had, this particular VB script would have had no affect on a Mac. As a side issue, for the last few days the password changing mechanism in the forum wasn't working right. Attempts to change a user password would result in neither the old nor the new passwords being accepted by the forum. That problem has been fixed, so all forum members should reset their passwords as soon as possible. - Edited by Matt on: Aug 20, 2004 1:18:08 pm
|
| Pages: 1 |
|
| Lost Password? Powered by UPB Version : 1.8 A script by PHP Outburst |
