What happened to Avast Forum?

Discussion in 'other security issues & news' started by BG, Mar 22, 2008.

Thread Status:
Not open for further replies.
  1. BG

    BG Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    214
    What happened to the Avast forum? I don't see a whole lot of English anymore.
     
  2. Jadda

    Jadda Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    422
    The Avast forum is completly down here. Can't get in at all.
     
  3. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,874
    Location:
    New England
    The normal avast forum is up and running now. Looking at the list of recent posts, they may have been offline for maybe 3 hours. Everything looks fine there at this time.

    What did you see exactly? That doesn't sound like they were down. It sounds like you are saying you saw something unexpected.

    The date on the blog article was Nov 2007, however, that posting itself was late. The incident it actually referred to happened in Aug 2007, and to the best of my knowledge, that was the last time the avast SMF forum was effected like that.
     
  5. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    it is english for me, and loads, but says diskusni fora alwil softw on my tab.
     
  6. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    I went there earlyer as did BG.
    I saw nothing in english.Dutch maybe.
    All is back to normal here anyway.
    A glitch in their system maybe?
     
  7. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    No, it was Czech :)
     
  8. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
  9. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma


    Thanks for the info Mike:thumb:
     
  10. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
  11. HyperFlow

    HyperFlow Registered Member

    Joined:
    Mar 21, 2008
    Posts:
    115
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I have uninstalled Avast as of today.
     
  13. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,040
    Is this because their forum was hacked or because the software did not catch the exploit?
     
  14. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    The latter. In some ways, it seems that Avast actually constituted a nasty's entryway into my computer. That's the opposite of what an AV should do.
     
  15. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    903
    I am sticking with avast! despite this episode. As has been stated on here many times, in many threads, no security product is going to catch everything. That is why I use a layered approach to security as most others here do.

    Hopefully the fact that their site was hacked again will be a wake up call that they do need to make some changes.

    As was said earlier, it seems the only ones who really had to worry were IE users who had not kept their patches up to date.
     
  16. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    What was the "exploit", actually? News on it seems to be scarce.

    If it was a simple redirect, it'd be rather unreasonable to expect avast! (or any other antivirus) to catch it at all.
     
  17. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    677
    Location:
    Blasters worm farm
    So you were using IE that has not been updated in 1.5 years ?

    What exactly did you get infected with ?
     
  18. HyperFlow

    HyperFlow Registered Member

    Joined:
    Mar 21, 2008
    Posts:
    115
    from what is posted it was a VBS that was [1.5] yr old. the forum got redirected to a porn site/malicious.
     
  19. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I never use IE. That is not the point. If an AV doesn't cover any & all possible infections at a given point in time, I can understand & accept that. But (IMO) this situation went beyond that.
     
  20. i_g

    i_g Registered Member

    Joined:
    Aug 30, 2006
    Posts:
    133
    Vlk's post didn't say that the VBS itself was 1.5 years old - only that it tried to exploit a 1.5 years old vulnerability, long fixed.

    I didn't see the file or page myself, so I'm just guessing - but if an antivirus forum gets hacked (which is very unfortunate, of course), and the attacker modifies the page somehow to include a malicious frame - then I would expect the attacker to modify/craft the piece of code in such a way that the particular antivirus (used by the majority of local audience) doesn't detect it - doing otherwise would be rather stupid.
    (Irrelevant of what the particular antivirus/forum is, of course.)
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Let's keep our fingers crossed that my own worse fears never get realized.

    It's one thing to bug a web site, that can be quickly remedied as soon as discovered, but i always shutter what might happen if any AV's Update Server was to be compromised to send instead of virus updates and whole slew of viruses or other corruptions that could ruin an entire machine's file system.

    Anyone have any notes if this is ever happened or not?
     
  22. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    They should really take care of their forum... not the first time it was hacked is it?
     
  23. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    What "care" exactly? ALWIL didn't developed SMF. I really don't understand why ppl jump to conclusions so fast when security firm forums get hacked.
    They just use software developed by someone else, SMF in this case.
    Same could happen to any other forum software. Besides, users using unpatched browsers should be the first to blame in the first place.
     
  24. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Although Alwil didn't develop SMF forum software, they DID select it for use on their forum. Such being the case, I wonder if they have ever read THIS website concerning security vulnerabilities of SMF? It evidently covers PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

    It is to be expected, of course, that forums of security software would often be *juicy targets* for a hacker -- a reputation-builder among the hacker's peers. I am not saying that a highly secure BB could never be breached. Even so, I think that a security organization should take pains to ensure it is using the most secure BB software possible.

    I am not saying that Alwil didn't do exactly that. However, in view of the website linked above, I am wondering if SMF is a highly secure BB software? Or are there better, more secure choices for use by a forum that supports security software?
     
  25. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    618
    I don't want to defend SMF in any way, but this is unfair...

    For example, take a look at which software Wilders is using, and then go here: http://secunia.com/search/?search=vbulletin
     
Loading...
Thread Status:
Not open for further replies.