JP1 Remotes Forum Index JP1 Remotes


FAQFAQ SearchSearch 7 days of topics7 Days MemberlistMemberlist UsergroupsUsergroups RegisterRegister
ProfileProfile Log in to check your private messagesLog in to check your private messages Log inLog in

We were hacked overnight

 
Post new topic   Reply to topic    JP1 Remotes Forum Index -> Web Site Issues
View previous topic :: View next topic  
Author Message
The Robman
Site Owner


Joined: 01 Aug 2003
Posts: 18078
Location: Chicago, IL

PostPosted: Thu Oct 06, 2011 8:42 am    Post subject: We were hacked overnight Reply with quote

So some of you might have had your Spam Blocker software get tripped earlier when the forum tried to re-direct you somewhere else, but I have fixed it now. Hopefully I found all the places where they put their code.
_________________
Rob
www.hifi-remote.com
Please don't PM me with remote questions, post them in the forums so all the experts can help!
Back to top
View user's profile Send private message Visit poster's website
vickyg2003
Site Admin


Joined: 20 Mar 2004
Posts: 6941
Location: Florida

PostPosted: Thu Oct 06, 2011 8:53 am    Post subject: Reply with quote

Thanks for fixing this Rob, the sight that they sent me to was a little frightening.

I wish the hacker/spammers would just leave us alone!
_________________
Remember to provide feedback to let us know how the problem was solved and share your upgrades.

Tip: When creating an upgrade, always include ALL functions from the oem remote, even if you never plan on assigning them to a button. Complete function lists makes an upgrade more helpful to others.
Back to top
View user's profile Send private message Visit poster's website
3FG
Expert


Joined: 19 May 2009
Posts: 3219

PostPosted: Thu Oct 06, 2011 9:50 am    Post subject: Reply with quote

The site I was sent to wasn't frightening, but my wife (who happened to be passing) wanted to know what the heck I was doing!
Back to top
View user's profile Send private message
vickyg2003
Site Admin


Joined: 20 Mar 2004
Posts: 6941
Location: Florida

PostPosted: Thu Oct 06, 2011 10:10 am    Post subject: Reply with quote

3FG wrote:
The site I was sent to wasn't frightening, but my wife (who happened to be passing) wanted to know what the heck I was doing!

Laughing Probably the same site. Laughing
Back to top
View user's profile Send private message Visit poster's website
eferz
Expert


Joined: 03 Jun 2010
Posts: 1078
Location: Austin, Texas

PostPosted: Thu Oct 06, 2011 10:26 am    Post subject: Re: We were hacked overnight Reply with quote

The Robman wrote:
So some of you might have had your Spam Blocker software get tripped earlier when the forum tried to re-direct you somewhere else, but I have fixed it now. Hopefully I found all the places where they put their code.

Actually my SPAM blocker didn't catch that since it wasn't an email. Though, the AVAST Web Shield blocked the site "www2.simplegjcleaner.rr.nu" due to the trojan named, "JS:FakeAV-HZ" on the page it was trying to connect.
_________________
Remotes; JP1.2: Comcast URC-1067, JP1.3: Insignia NS-RC02U-10A, JP1.4 OARI06G, JP2.1: Cox URC-8820-MOTO (still trying to figure out how to make them self-aware.)
Back to top
View user's profile Send private message
vickyg2003
Site Admin


Joined: 20 Mar 2004
Posts: 6941
Location: Florida

PostPosted: Thu Oct 06, 2011 10:52 am    Post subject: Reply with quote

They have hacked the wiki too. Can't get anywhere without seeing things I'd rather not see.
Back to top
View user's profile Send private message Visit poster's website
eferz
Expert


Joined: 03 Jun 2010
Posts: 1078
Location: Austin, Texas

PostPosted: Thu Oct 06, 2011 12:52 pm    Post subject: Reply with quote

vickyg2003 wrote:
They have hacked the wiki too. Can't get anywhere without seeing things I'd rather not see.

Try Avast, I'm using the free version and once it detects the trojan it will block the destination link permanently allowing you to freely navigate through the wiki worry free.
_________________
Remotes; JP1.2: Comcast URC-1067, JP1.3: Insignia NS-RC02U-10A, JP1.4 OARI06G, JP2.1: Cox URC-8820-MOTO (still trying to figure out how to make them self-aware.)
Back to top
View user's profile Send private message
The Robman
Site Owner


Joined: 01 Aug 2003
Posts: 18078
Location: Chicago, IL

PostPosted: Thu Oct 06, 2011 5:08 pm    Post subject: Reply with quote

I've spent all day cleaning the wiki and I've got most of the stuff out, but obviously not all of it because when I go to the wiki page, I see it reference sweepstakesandcontestsinfo.com which is part of the hacked code.
_________________
Rob
www.hifi-remote.com
Please don't PM me with remote questions, post them in the forums so all the experts can help!
Back to top
View user's profile Send private message Visit poster's website
vickyg2003
Site Admin


Joined: 20 Mar 2004
Posts: 6941
Location: Florida

PostPosted: Thu Oct 06, 2011 5:35 pm    Post subject: Reply with quote

Thanks again for your efforts.
Back to top
View user's profile Send private message Visit poster's website
mathdon
Expert


Joined: 22 Jul 2008
Posts: 2825
Location: Cambridge, UK

PostPosted: Fri Oct 07, 2011 3:29 am    Post subject: Reply with quote

I am using Norton 360 version 5, which identified the hack and blocked my access to the JP1 site, telling me that it was trying to access Fake AV Website 24. Indeed, because of the time difference between here (UK) and the US, I discovered the hack while Rob was still asleep and drew his attention to it.

Whatever is left of the hack in the Wiki is still enough to activate Norton 360. I cannot access the Wiki link at all. I get the same message from Norton and the browser shows I have been redirected to:

http:/ /www3.bustdy.in/?v2d3atte=mqfNl56pqZyYm%2BPdyLapWNinzbGnlpmqqKaUrqdmmlc%3D

(I've put a space between the two /'s so that it doesn't show as a hyperlink) So some users, like me, will be unable to use the Wiki until it has been fully cleaned.
_________________
Graham
Back to top
View user's profile Send private message
The Robman
Site Owner


Joined: 01 Aug 2003
Posts: 18078
Location: Chicago, IL

PostPosted: Fri Oct 07, 2011 2:55 pm    Post subject: Reply with quote

Can you guys try the wiki now and tell me if it's working for you. I don't see the tell-tale sign of the hacker's URL anymore when I try it.
_________________
Rob
www.hifi-remote.com
Please don't PM me with remote questions, post them in the forums so all the experts can help!
Back to top
View user's profile Send private message Visit poster's website
mathdon
Expert


Joined: 22 Jul 2008
Posts: 2825
Location: Cambridge, UK

PostPosted: Fri Oct 07, 2011 5:12 pm    Post subject: Reply with quote

I've only had a quick look but it seems fine now and it didn't trigger Norton to block anything. Many thanks.
_________________
Graham
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic       JP1 Remotes Forum Index -> Web Site Issues All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


 

Powered by phpBB © 2001, 2005 phpBB Group
Get Smart! the band's official homepage Rockabilly Central