Another site hacked...

Web-scanner protected most users, however... http://news.softpedia.com/news/Avast-Forum-Hacked-Users-At-Risk-70378.shtml

 

From the link 19monty64 provided:

This is the second time this year that this has happened. https://www.wilderssecurity.com/showthread.php?t=183634&highlight=avast hacked
It's good to see that those with AV's or those using an alternative browser were safe.

edit: added link

 

I guess the attacks are stepping up... http://news.softpedia.com/news/Just-Another-Security-Forum-Hacked-70443.shtml ...leading up to what is supposed to an all out attack on the 11th... http://news.softpedia.com/news/The-...nch-November-11-Terrorist-Attacks-70300.shtml

 

Hello,

A very good example that practising safe hex/having safe surfing habits, does not prevent you to be attacked by the "trusted" websites and forum you visit. You still need protection, even behind an hardware firewall.

A good reminder that nothing can be trusted as soon as you are connected, and that running "naked" (security wise) computers is not advisable. Also I'm glad to see that Firefox were not affected.

Regards,
gkweb.

 

There was also a failed attempt to hack F-Prot's site recently, so safe-surfing provides no real security. A lot of visitors to security vendors and support forums may have limited or weakened security in the first place, due to the fact that their present security may be lacking, missing or already infected. It's good that the alternate browsers are safe......FOR NOW!

 

Not true. The article must be refering to the original incident. I don't know why they issued it with an almost 3 months delay...

 

Does anyone know if IE7 running in protected mode under Vista would have been exploited?
thanks

 

I was sorta wondering if they were referring to the old incident too. The article was very vague with no dates. I should have known better. Thanks for the update.

 

They quoted me! So it must be the old incident.

 

Does anyone happen to know what the infection would have done ? and whether
it would have survived a re-boot using deepfreeze or returnil ?

 

I find this a bit shocking, as recently I've been on the avast forums for quite some time recently (including the times listed) but found no warning whatsoever in terms of a viral threat or symptoms of one (could be the fact that I use FireFox with NoScript on). I'll do a few scans just to confirm that I wasn't infected, although I still am amazed that this is not the first time Alwil has been hacked.

No doubt this will cause some unrest, but I do hope that Alwil will try and step up in terms of its security measures with its other features as it is quite disheartening to find this out (safe-surfing has always been a plus for me, and suddenly finding one of those "safe sites" hacked definitely got me more aware). I suppose others should take note of this too as you never know what could happen now in a world full of hackers, malware, and the like.

 

What?
Have you seen the above conversation?

It happened only once, in August. That's it.

 

Yes, I was the one responsible for the double-posting. Sorry for the confusion. Point is though, that the frequency and variety of attacks on security and support forums seems to be on the rise, so that it seems safe-surfing may not be a matter of "common sense" but rather "dumb luck". Just mt 2c...

 

...hmm.

There must be something so attractive to those 'blackhats' that they've targetted Avast's forum. Could we here and others' be hacked soon??

 

I would be surprised to see Wilders hacked. The center of focus seems to be sites that analyze HijackThis-logs, as visitors are more likely to be vulnerable, and vendors sites, whereas visitors may be lacking in security since they are at a site that distributes security-software.

 

Indeed , it was only one time.
At the time LinkScanner Pro stopped this for me.

I would not be suprised at all. Unless Wilders has some way of preventing this from happining. They seem to be targeting security forums. (Castle Cops forum, Avast forum) I believe CC was a dos or ddos attack thou. Not sure.
But my point is it is security forums that seem to get attacked recently and Wilders is a security forum.

 

Hi, folks:

Hack attempts on Wilders ? I would not be surprised, and perhaps in high numbers. Security is THE trademark of Wilders. I can not image the magnitude of tidal wave created by failure of Wilders' part if there were one. I have a full faith in Wilders.

 

I'm not saying Wilders or it's members are immune, but would-be attackers are going to want to get the most "bang-for-their-buck." Their efforts would be more fruitful if aimed at a help-forum or vendors-site whose visitors are possibly lacking in security for various reasons. No one has ever accused Wilders-members of lacking in that department. Even launching a DOS-attack at a forum (CC) that openly publicizes the names of "rogue anti-malwares" would achieve more. I just can't see us being a target of anyone. (other than people that have been banned and are still lurking)

 

In the case discussed "Dumb luck" of being fully patched helps too you know.

 

There was a guy a few months ago? who ran some vulnerability scanners on the servers here and found some things and wanted to discuss them. Obviously he got no discussion.

Wilders might be a security forum, but it's not that kind of security forum unless we are talking about HIPS to protect web servers.

 

I thought it was the web-shields that thwarted that attack As far "being fully patched" goes, who needs'em if you've got RIPS

 

Yes and no.

That's the dumbest thing i ever heard.

 

You've obviously never heard about RIPS then...

 

http://www.rips.com/

 

Good one...ROFLMAO...but that's not the RIPS I was talking about dean.