Server Compromise

Here we archive really old posts - they are only stored for historical purposes. Please note that posts in this category will not show up while searching.

Post by Jonathan » Thu 21 May 2009, 22:57

Hello everyone, and welcome back,

The website is now up and running again after having been attacked via an exploit in the PHP installation of our webhost's server. This exploit allowed the attacker to place hidden links in all of the forum pages which tried to download trojans silently in the background.
Specifically these links were leading to the niklejo.net website (the link leads to Google Safe Browsing diagnostics page for niklejo.net - some interesting info there).

Everyone that has visited the CarlssonPlanet forums in the last 2 days (and everyone else for that matter!) should make sure they have antivirus software installed and that it is running and up-to-date with the latest virus definitions.

To read more about the exploit that was used here on the CarlssonPlanet forums, please visit this link.

The important thing to note here is that this exploit did NOT in any way result in any kind of breach of data, i.e. no passwords or other personal information has been stolen or compromised. The script that was used here merely edited existing web pages on the server to include those links; there was no way for it to access the databases which store passwords etc.
Then again, it's never a bad idea to regularly change passwords just as a general safety measure, and if you're using the same password across multiple sites that is not security wise and should not be done under any circumstance.

Before bringing the site back online, we teamed up with phpBB's Incident Investigation Team who were kind enough to help us sanitize the entire site even though the exploit that was used had nothing to do with phpBB itself.

We are deeply sorry about the unavailability of the website and for any damage caused.

In the coming weeks, we will be moving web hosts since this is not the first time our current web host has had serious breaches of security. A quick Google search for "servage + hacked" should prove that rather well.
Jonathan Gulbrandsen - Webmaster
"There are two ways to write error-free code. Only the third one works."
"Deliver yesterday, code today, think tomorrow."