Jump to content

One Of My Favorite Websites Is Being Hacked :(


Trip
 Share

Recommended Posts

they are running phpbb and keep getting attacked

http://dubstepforum.com/

avast is detecting and blocking malware

but they are struggling to find the source / block this attack

im all ears for any suggestions

*seems to have stopped*

ill screen grab the error avast throws ... i think its a dodgy ad server tbh tho

Edited by Trip
Link to comment
Share on other sites

+1. You need something more than avast! unless it's actually made for a server environment...

Avast has a server edition as well and I have been using it for while and its really good.

Link to comment
Share on other sites

they are running phpbb and keep getting attacked

http://dubstepforum.com/

avast is detecting and blocking malware

but they are struggling to find the source / block this attack

im all ears for any suggestions

*seems to have stopped*

ill screen grab the error avast throws ... i think its a dodgy ad server tbh tho

Why do you set up some honeypots to do a research on the type of attacks they are using against your favorite website. And then based on the results, you can determine what action to take.

Edited by Infiltrator
Link to comment
Share on other sites

lol i dont know what they're using as av on the server (im running avast atm)

... im sure they have contacted the people that program phpbb and reported this problem

if i find any more information ill let you guys know.

.... i was going to post when they first got attacked but they took the site down and 'seemed' to have sorted it out but it happened again yesterday so im presuming these 'hackers' have another route into the server

n e way ill keep you updated

Edited by Trip
Link to comment
Share on other sites

Have you been in contact with the sites admins? Do you even know for certain their site was hacked? or are you only assuming because YOUR anti-virus alarmed when viewing their site?

First thing you should do is contact them if you suspect something. Without jumping the gun, it could also have been a false positive. I've been to a few sites that did the same thing because of code in one of the sites images, but it was a generic false positive because of heuristic data it found in an image on the site. Could be the same thing in your case.

Link to comment
Share on other sites

Most of these attacks if are not originated from Russia are from China. Amazing facts..... Best bet would be to block these ip addresses.

Edited by Infiltrator
Link to comment
Share on other sites

i dont understand why they'd target the dubstepforum tho :(

The site probably has good traffic, they target that website because it had poor security. Most likily outdated forum software. and so they put something on their site using an exploit. My guess is something like adware or a backdoor trojan to add the sites users to a botnet or something along those lines.

Your fav sites admins if they're smart will block the guys ip, report it, and update their forums software.

Link to comment
Share on other sites

I'm not trying to sound elitist or anything, but I haven't ran a real-time anti-virus in at least a year or so. Sandboxie/VMs are good enough for me IF I even need them. Just be smart and conscious about what you're doing, and most of your problems will disappear.

Link to comment
Share on other sites

I used to be like that. Eventually I decided that given I was running Windows, and the places on the net I spent my time on, it was probally a good idea given that its not even like an AV client uses any significant resources these days. Its like condoms, if your in a monogamous, safe trusting relationship then you can forgo them, but if your not, its stupid not to use them.

As for free AV clients of merit, MS Security Essentials or AntiVir, both of these I like.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...