Jump to content

BRFCS

BY THE FANS, FOR THE FANS
SINCE 1996
Proudly partnered with TheTerraceStore.com

[Archived] Virus?


Recommended Posts

B)--><div class='quotetop'>QUOTE(Ste B @ Jan 30 2007, 19:58 ) 485447[/snapback]</div><div class='quotemain'><!--quotec-->

No, some russian ###### did though.

Delete the mail.

How did the Russian ###### get my email address?

You need an email address to sign up to the site, so if you're still using the same one, thats the one they'll have got.

Link to comment
Share on other sites

You need an email address to sign up to the site, so if you're still using the same one, thats the one they'll have got.

my email address is not posted though! so its not visible, how is it possible Steb

Link to comment
Share on other sites

my email address is not posted though! so its not visible, how is it possible Steb

I guess the email addresses are held on a database in case there is a need to reverify passwords, contact members etc.

this is probably what the hacker managed to use to send the email out.

Link to comment
Share on other sites

my email address is not posted though! so its not visible, how is it possible Steb

As modi said, your email address which you used to register for the messageboard will be stored in a database.

The said russian ####### hasn't gone through the messageboard reading each and every thread looking for people who have put their email address on. They get into behind the scenes and do it automatically

Link to comment
Share on other sites

I guess the email addresses are held on a database in case there is a need to reverify passwords, contact members etc.

this is probably what the hacker managed to use to send the email out.

I would have thought the data base was stored away from internet access to avoid this kind of thing happening, am i wrong?

Link to comment
Share on other sites

I would have thought the data base was stored away from internet access to avoid this kind of thing happening, am i wrong?

Well as far as most people know the databases that drive sites such as this are hidden away and are secure. So don't worry, there isn't a page on this website which has your name, email etc etc spelled out for everyone to see.

However the database is still held on the same webspace (or the website wouldn't work) and sometimes annoying people come along, break the security and can get in behind the scenes and go out to cause everyone an inconvenience by spreading a virus.

Its just the same as every other computer program really, it is protected as best as can be and updated when new security patches come out. But people, if they are that way inclined, will always find a way round them.

Link to comment
Share on other sites

there is a bulk email function in our admin programs. once they have got in they use that to send to every member.

they also add a line of code to the board wrapper which downloads the same program. fortunately it was spotted and removed reasonable quickly.

FYI, the board will also be upgraded again in the near future, to the very latest version which should give us more tools we can use. Also will help us add some extra functionality. Not sure when yet, but will keep people posted.

Link to comment
Share on other sites

Yoda "my email address is not posted though! so its not visible, how is it possible Steb"

When they get in as admin they have extra rights and probally full access to the database. All html requests are individual and retain no memory. (Cookies arnt really that advanced). The virus they planted can give access to the database (if they know it) or run appliaction commands or can simply give admin rights and the hacker/program can guess (or go straight there if they know hoe the application works)

By guessing they would run commands such as "showtopic". Everything after the ? in the address bar is in effect a function call.

Now change that to command to the command to bulk email or retrieve an email from the database and you have someones email, if the functions exist that is. (this would need lots of extra info in addition to he url stuff I have mentioned)

Most hackers will use automation to work out these commands and then they can link directly into the web application code.

------------

Yoda "I would have thought the data base was stored away from internet access to avoid this kind of thing happening, am i wrong?"

It would be very unusual if it was. It would make the registration process very long winded and non-automated.

------------

Well done on catching this early admin. Its not the easiest thing to do so I dont think anyone needs to be worried about their data security.

Link to comment
Share on other sites

brfcs.com would never (I assume) send out a mail with an attachment on it, especially an exe file.

Does this mean we're going to get more spam now?

Ta.

No, as whoever did it hasnt actually got your email addresses. All that has happened is that the bulk mail tool from within IPB was invoked (and stopped)..

As for the avatars, I still dont know exactly how this happened, but it was the most likely security breach.

Link to comment
Share on other sites

When will people stop infecting the net using IE?

Hope everyones files are ok. I'm afraid I didn't get the mail myself so I haven't had any chance to find out exactly what it was supposed to do.

Good job cleaning up so fast, Admins :)

Link to comment
Share on other sites

Does this virus represent a danger to Macs?

If you run Parrallels, or Boot Camp etc on a Mac (and use IE), then yes - if not, then no.

When will people stop infecting the net using IE?

When end users realise that there are better and more secure alternatives to Microsoft products.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.