Jump to content

One Of My Favorite Websites Is Being Hacked :(


Recommended Posts

Posted (edited)

they are running phpbb and keep getting attacked

http://dubstepforum.com/

avast is detecting and blocking malware

but they are struggling to find the source / block this attack

im all ears for any suggestions

*seems to have stopped*

ill screen grab the error avast throws ... i think its a dodgy ad server tbh tho

Edited by Trip
Posted

Avast is running on a webserver? :|

Block IP ranges.

Change the IP of the server in the DNS lookup temporarily. (Make them connect to NSA.gov for fun and keep strain of your servers til it's upgraded/patched/fixed)

Posted
+1. You need something more than avast! unless it's actually made for a server environment...

Avast has a server edition as well and I have been using it for while and its really good.

Posted (edited)
they are running phpbb and keep getting attacked

http://dubstepforum.com/

avast is detecting and blocking malware

but they are struggling to find the source / block this attack

im all ears for any suggestions

*seems to have stopped*

ill screen grab the error avast throws ... i think its a dodgy ad server tbh tho

Why do you set up some honeypots to do a research on the type of attacks they are using against your favorite website. And then based on the results, you can determine what action to take.

Edited by Infiltrator
Posted (edited)

lol i dont know what they're using as av on the server (im running avast atm)

... im sure they have contacted the people that program phpbb and reported this problem

if i find any more information ill let you guys know.

.... i was going to post when they first got attacked but they took the site down and 'seemed' to have sorted it out but it happened again yesterday so im presuming these 'hackers' have another route into the server

n e way ill keep you updated

Edited by Trip
Posted

Have you been in contact with the sites admins? Do you even know for certain their site was hacked? or are you only assuming because YOUR anti-virus alarmed when viewing their site?

First thing you should do is contact them if you suspect something. Without jumping the gun, it could also have been a false positive. I've been to a few sites that did the same thing because of code in one of the sites images, but it was a generic false positive because of heuristic data it found in an image on the site. Could be the same thing in your case.

Posted (edited)

2uz82ed.jpg

^^ im just a user ... but this is what keeps happening

im sure we could counter hack that ip :)

Edited by Trip
Posted (edited)

Most of these attacks if are not originated from Russia are from China. Amazing facts..... Best bet would be to block these ip addresses.

Edited by Infiltrator
Posted
Probably drum and bass fans...

yeah ... sad thing is most people that like dnb also like dubstep

Posted
i dont understand why they'd target the dubstepforum tho :(

The site probably has good traffic, they target that website because it had poor security. Most likily outdated forum software. and so they put something on their site using an exploit. My guess is something like adware or a backdoor trojan to add the sites users to a botnet or something along those lines.

Your fav sites admins if they're smart will block the guys ip, report it, and update their forums software.

Posted

yeah they keep blocking ips i believe

i feel for all the noobs that dont have their pc's setup correctly

Posted
yeah they keep blocking ips i believe

i feel for all the noobs that dont have their pc's setup correctly

LOL is having Avast your idea of having your PC setup "correctly?"

Posted

avast is better than most

what would you recommend if i could afford a license id be using sophos

Posted

I'm not trying to sound elitist or anything, but I haven't ran a real-time anti-virus in at least a year or so. Sandboxie/VMs are good enough for me IF I even need them. Just be smart and conscious about what you're doing, and most of your problems will disappear.

Posted

I used to be like that. Eventually I decided that given I was running Windows, and the places on the net I spent my time on, it was probally a good idea given that its not even like an AV client uses any significant resources these days. Its like condoms, if your in a monogamous, safe trusting relationship then you can forgo them, but if your not, its stupid not to use them.

As for free AV clients of merit, MS Security Essentials or AntiVir, both of these I like.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...