What happened to Avast Forum?

What happened to the Avast forum? I don't see a whole lot of English anymore.

 

The Avast forum is completly down here. Can't get in at all.

 

Maybe this will explain it http://news.softpedia.com/news/Avast-Forum-Hacked-Users-At-Risk-70378.shtml

 

it is english for me, and loads, but says diskusni fora alwil softw on my tab.

 

I went there earlyer as did BG.
I saw nothing in english.Dutch maybe.
All is back to normal here anyway.
A glitch in their system maybe?

 

No, it was Czech

 

It has been hacked,again.
http://forum.avast.com/index.php?topic=34039.0

 

Thanks for the info Mike

 

Yep, and anyone with an out of date IE or those using Avast! were exposed to the exploit.

 

from Avast forum

http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx

 

I have uninstalled Avast as of today.

 

Is this because their forum was hacked or because the software did not catch the exploit?

 

The latter. In some ways, it seems that Avast actually constituted a nasty's entryway into my computer. That's the opposite of what an AV should do.

 

I am sticking with avast! despite this episode. As has been stated on here many times, in many threads, no security product is going to catch everything. That is why I use a layered approach to security as most others here do.

Hopefully the fact that their site was hacked again will be a wake up call that they do need to make some changes.

As was said earlier, it seems the only ones who really had to worry were IE users who had not kept their patches up to date.

 

What was the "exploit", actually? News on it seems to be scarce.

If it was a simple redirect, it'd be rather unreasonable to expect avast! (or any other antivirus) to catch it at all.

 

So you were using IE that has not been updated in 1.5 years ?

What exactly did you get infected with ?

 

from what is posted it was a VBS that was [1.5] yr old. the forum got redirected to a porn site/malicious.

 

I never use IE. That is not the point. If an AV doesn't cover any & all possible infections at a given point in time, I can understand & accept that. But (IMO) this situation went beyond that.

 

Vlk's post didn't say that the VBS itself was 1.5 years old - only that it tried to exploit a 1.5 years old vulnerability, long fixed.

I didn't see the file or page myself, so I'm just guessing - but if an antivirus forum gets hacked (which is very unfortunate, of course), and the attacker modifies the page somehow to include a malicious frame - then I would expect the attacker to modify/craft the piece of code in such a way that the particular antivirus (used by the majority of local audience) doesn't detect it - doing otherwise would be rather stupid.
(Irrelevant of what the particular antivirus/forum is, of course.)

 

Let's keep our fingers crossed that my own worse fears never get realized.

It's one thing to bug a web site, that can be quickly remedied as soon as discovered, but i always shutter what might happen if any AV's Update Server was to be compromised to send instead of virus updates and whole slew of viruses or other corruptions that could ruin an entire machine's file system.

Anyone have any notes if this is ever happened or not?

 

They should really take care of their forum... not the first time it was hacked is it?

 

What "care" exactly? ALWIL didn't developed SMF. I really don't understand why ppl jump to conclusions so fast when security firm forums get hacked.
They just use software developed by someone else, SMF in this case.
Same could happen to any other forum software. Besides, users using unpatched browsers should be the first to blame in the first place.

 

Although Alwil didn't develop SMF forum software, they DID select it for use on their forum. Such being the case, I wonder if they have ever read THIS website concerning security vulnerabilities of SMF? It evidently covers PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

It is to be expected, of course, that forums of security software would often be *juicy targets* for a hacker -- a reputation-builder among the hacker's peers. I am not saying that a highly secure BB could never be breached. Even so, I think that a security organization should take pains to ensure it is using the most secure BB software possible.

I am not saying that Alwil didn't do exactly that. However, in view of the website linked above, I am wondering if SMF is a highly secure BB software? Or are there better, more secure choices for use by a forum that supports security software?

 

I don't want to defend SMF in any way, but this is unfair...

For example, take a look at which software Wilders is using, and then go here: http://secunia.com/search/?search=vbulletin