What happened to the Avast forum? I don't see a whole lot of English anymore.

The Avast forum is completly down here. Can't get in at all.

Maybe this will explain it http://news.softpedia.com/news/Avast-Forum-Hacked-Users-At-Risk-70378.shtml

The normal avast forum is up and running now. Looking at the list of recent posts, they may have been offline for maybe 3 hours. Everything looks fine there at this time.

{QUOTE-> What happened to the Avast forum? I don't see a whole lot of English anymore. <-QUOTE}What did you see exactly? That doesn't sound like they were down. It sounds like you are saying you saw something unexpected.

{QUOTE-> Maybe this will explain it... <-QUOTE}The date on the blog article was Nov 2007, however, that posting itself was late. The incident it actually referred to happened in Aug 2007, and to the best of my knowledge, that was the last time the avast SMF forum was effected like that.

it is english for me, and loads, but says diskusni fora alwil softw on my tab.

I went there earlyer as did BG.
I saw nothing in english.Dutch maybe.
All is back to normal here anyway.
A glitch in their system maybe?

{QUOTE-> Dutch maybe. <-QUOTE}
No, it was Czech :)

It has been hacked,again.:o
http://forum.avast.com/index.php?topic=34039.0

{QUOTE-> The normal avast forum is up and running now. Looking at the list of recent posts, they may have been offline for maybe 3 hours. Everything looks fine there at this time.

What did you see exactly? That doesn't sound like they were down. It sounds like you are saying you saw something unexpected.

The date on the blog article was Nov 2007, however, that posting itself was late. The incident it actually referred to happened in Aug 2007, and to the best of my knowledge, that was the last time the avast SMF forum was effected like that. <-QUOTE}



Thanks for the info Mike:thumb:

{QUOTE-> It has been hacked,again.:o
http://forum.avast.com/index.php?topic=34039.0 <-QUOTE}
Yep, and anyone with an out of date IE or those using Avast! were exposed to the exploit.

from Avast forum

{QUOTE-> It used a 1.5 year old vulnerability in Windows.
Unless your browser is way outdated, you should be safe. <-QUOTE}

http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx

{QUOTE-> Yep, and anyone with an out of date IE or those using Avast! were exposed to the exploit. <-QUOTE}I have uninstalled Avast as of today.

{QUOTE-> I have uninstalled Avast as of today. <-QUOTE}

Is this because their forum was hacked or because the software did not catch the exploit?

{QUOTE-> Is this because their forum was hacked or because the software did not catch the exploit? <-QUOTE}The latter. In some ways, it seems that Avast actually constituted a nasty's entryway into my computer. That's the opposite of what an AV should do.

I am sticking with avast! despite this episode. As has been stated on here many times, in many threads, no security product is going to catch everything. That is why I use a layered approach to security as most others here do.

Hopefully the fact that their site was hacked again will be a wake up call that they do need to make some changes.

As was said earlier, it seems the only ones who really had to worry were IE users who had not kept their patches up to date.

{QUOTE-> The latter. In some ways, it seems that Avast actually constituted a nasty's entryway into my computer. That's the opposite of what an AV should do. <-QUOTE}
What was the "exploit", actually? News on it seems to be scarce.

If it was a simple redirect, it'd be rather unreasonable to expect avast! (or any other antivirus) to catch it at all.

{QUOTE-> The latter. In some ways, it seems that Avast actually constituted a nasty's entryway into my computer. That's the opposite of what an AV should do. <-QUOTE}
So you were using IE that has not been updated in 1.5 years ?

{QUOTE-> It used a 1.5 year old vulnerability in Windows.
Unless your browser is way outdated, you should be safe.

http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx <-QUOTE}

What exactly did you get infected with ?

from what is posted it was a VBS that was [1.5] yr old. the forum got redirected to a porn site/malicious.
{QUOTE-> You're hacked by Turkish Hackers.. They are members of ***cyberwarrior***

But they are only member.. So you are not hacked by Cyberwarrior***, hacked by some members ( Volqan- Ekin0x ) <-QUOTE}

{QUOTE-> So you were using IE that has not been updated in 1.5 years ? <-QUOTE}I never use IE. That is not the point. If an AV doesn't cover any & all possible infections at a given point in time, I can understand & accept that. But (IMO) this situation went beyond that.

Vlk's post didn't say that the VBS itself was 1.5 years old - only that it tried to exploit a 1.5 years old vulnerability, long fixed.

I didn't see the file or page myself, so I'm just guessing - but if an antivirus forum gets hacked (which is very unfortunate, of course), and the attacker modifies the page somehow to include a malicious frame - then I would expect the attacker to modify/craft the piece of code in such a way that the particular antivirus (used by the majority of local audience) doesn't detect it - doing otherwise would be rather stupid.
(Irrelevant of what the particular antivirus/forum is, of course.)

Let's keep our fingers crossed that my own worse fears never get realized.

It's one thing to bug a web site, that can be quickly remedied as soon as discovered, but i always shutter what might happen if any AV's Update Server was to be compromised to send instead of virus updates and whole slew of viruses or other corruptions that could ruin an entire machine's file system.

Anyone have any notes if this is ever happened or not?

They should really take care of their forum... not the first time it was hacked is it?

What "care" exactly? ALWIL didn't developed SMF. I really don't understand why ppl jump to conclusions so fast when security firm forums get hacked.
They just use software developed by someone else, SMF in this case.
Same could happen to any other forum software. Besides, users using unpatched browsers should be the first to blame in the first place.

{QUOTE-> ALWIL didn't developed SMF. <-QUOTE}Although Alwil didn't develop SMF forum software, they DID select it for use on their forum. Such being the case, I wonder if they have ever read THIS website (http://securityvulns.com/Gnews571.html) concerning security vulnerabilities of SMF? It evidently covers PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

It is to be expected, of course, that forums of security software would often be *juicy targets* for a hacker -- a reputation-builder among the hacker's peers. I am not saying that a highly secure BB could never be breached. Even so, I think that a security organization should take pains to ensure it is using the most secure BB software possible.

I am not saying that Alwil didn't do exactly that. However, in view of the website linked above, I am wondering if SMF is a highly secure BB software? Or are there better, more secure choices for use by a forum that supports security software?

{QUOTE-> Although Alwil didn't develop SMF forum software, they DID select it for use on their forum. Such being the case, I wonder if they have ever read THIS website (http://securityvulns.com/Gnews571.html) concerning security vulnerabilities of SMF? It evidently covers PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
<-QUOTE}

I don't want to defend SMF in any way, but this is unfair...

For example, take a look at which software Wilders is using, and then go here: http://secunia.com/search/?search=vbulletin

bellgamin, their forum getting compromised is no reason to stop using an antivirus company's products, when it is the fault of the forum software maker.
The company's job is to make sure their forum stays updated, which it is.

Comodo also uses SMF. Does that mean you will not use any of their products?

{QUOTE-> What "care" exactly? ALWIL didn't developed SMF. I really don't understand why ppl jump to conclusions so fast when security firm forums get hacked.
They just use software developed by someone else, SMF in this case.
Same could happen to any other forum software. Besides, users using unpatched browsers should be the first to blame in the first place. <-QUOTE}
True, they could have used phpBB or VBulletin though couldn't they?

SMF has 5 known vulnerabilities, vBulletin has 23 of them. I'd hardly call that an improvement or a good track record of any kind... not that i'd make conclusions just out of these numbers.

Hackers really love avast forum ;D ;D ;D ;D ;D

{QUOTE-> Hackers really love avast forum ;D ;D ;D ;D ;D <-QUOTE}
ive noticed....

ANY forum can get hacked. There is no perfectly secure software. In post #28 RejZoR made a valid point. My implied criticism of Avast's use of SWF was ill-founded.

IF it is true that Avast's forum is attacked rather often, that makes me more (rather than less) inclined to stick with them and support them. I might add that Avast's forum is one of the most helpful and friendliest I have ever visited.

Avast is definitely a top tier AV, as revealed by long-term/consistent/excellent test results at AV-Comp and AV-test.org. Version 4.8-beta ran very stable on my computer and was not at all heavy on resources. Although I have switched to trialing another AV at the moment, Avast remains very much on my short list for primary use when my current paid AV's license expires next July.

{QUOTE-> ANY forum can get hacked. There is no perfectly secure software. In post #28 RejZoR made a valid point. My implied criticism of Avast's use of SWF was ill-founded.

IF it is true that Avast's forum is attacked rather often, that makes me more (rather than less) inclined to stick with them and support them. I might add that Avast's forum is one of the most helpful and friendliest I have ever visited.

Avast is definitely a top tier AV, as revealed by long-term/consistent/excellent test results at AV-Comp and AV-test.org. Version 4.8-beta ran very stable on my computer and was not at all heavy on resources. Although I have switched to trialing another AV at the moment, Avast remains very much on my short list for primary use when my current paid AV's license expires next July. <-QUOTE}
yes, I agree, avast is definately very good, but out of interest, how many vunrebilities does phpBB have?

{QUOTE-> ...how many vunrebilities does phpBB have? <-QUOTE}Check YONDER (http://securityvulns.com/soft/1895.html). Hmmm :argh:

Seems like the MS patch that was referenced earlier was issued about April or May 2006 according to the link given just in case any one was interested or did not take the time to check. Thanks Hyperflow.