Planted Tank Hacked - Page 2 - The Planted Tank Forum
 3Likes
Closed Thread
 
LinkBack Thread Tools Display Modes
post #16 of 109 (permalink) Old 09-11-2010, 04:16 PM
Planted Tank Obsessed
 
Join Date: Oct 2006
Location: Cocoa Beach, FL!
Posts: 375
I think you may want to still check your code. When I got the email I thought it suspicious. So I just deleted it. Came to the site here manually, and the main forum page started making my antivirus go nuts.

Just wanted to give you a heads up.

I woke up one morning and realized my living room turned into a fish store!!! HELP!!!!
Khandurian is offline  
Sponsored Links
Advertisement
 
post #17 of 109 (permalink) Old 09-11-2010, 04:20 PM
Planted Tank Obsessed
 
Join Date: Feb 2004
Location: Fairfax, VA
Posts: 439
Quote:
Originally Posted by KyleT View Post

and as far as I know, it did not install anything malicious on any computers.
Yes it did -- when I got here my browser (Safari) flashed a message that the site contained malware.

Tank: 40 Gallon Breeder w/Eco Complete ||
Aquasun 156W Quad 5000K || SunSun 302 Canister Filter (Sunsun Pimp #77) || Pressurized CO2 || Dual Current Gamma 15W UV Sterilizers || Hydor Inline Heater
EricSilver is offline  
post #18 of 109 (permalink) Old 09-11-2010, 04:27 PM
Newbie
 
Join Date: Mar 2010
Location: Pomona, CA
Posts: 1
What if we haven't logged on in a while? Are we good?
Sinopa is offline  
post #19 of 109 (permalink) Old 09-11-2010, 04:51 PM Thread Starter
Planted Tank VIP
 
KyleT's Avatar
 
Join Date: Jul 2002
Location: Austin, Texas
Posts: 13,533
I am 99% sure that we got rid of the hack. Of course there is a slight chance that we missed something.

I believe that the users who are still experiencing a problem likely have a cached version of the forum or a specific page from the forum in their browsers. In order to remove these cached versions here are instructions:

http://www.aboutcookies.org/Default.aspx?page=2

Please Send all Support Requests to forumadmin
Bit Of Nothing - Personal Blog
KyleT is offline  
post #20 of 109 (permalink) Old 09-11-2010, 04:51 PM Thread Starter
Planted Tank VIP
 
KyleT's Avatar
 
Join Date: Jul 2002
Location: Austin, Texas
Posts: 13,533
Quote:
Originally Posted by Sinopa View Post
What if we haven't logged on in a while? Are we good?
More than likely yes.

Please Send all Support Requests to forumadmin
Bit Of Nothing - Personal Blog
KyleT is offline  
post #21 of 109 (permalink) Old 09-11-2010, 04:55 PM Thread Starter
Planted Tank VIP
 
KyleT's Avatar
 
Join Date: Jul 2002
Location: Austin, Texas
Posts: 13,533
Thanks for the heads up. I'm more than open to advice. If you want to send me a link please do, that way i can atleast check to ensure that isn't what this is.

I think it is just a coincidence that it happened on or near 9/11.

The exploit that i linked to was discovered a couple of days ago, and the symptoms of the hack were identical to the ones described there. I was able to locate the injected code and verified that it does not exist anymore after updating.

- Kyle



Quote:
Originally Posted by dzydvl View Post
Kyle, I'm an IT security admin by trait. Approximately 4 years ago there was a 9-11 hack done. The way it worked was to plant it on servers, and it would randomly (9-11 on random years) activate. I'm sure you are already aware of this, so I do apologize if this is repeated information. The initial hack was more of a worm, not really not meant to do damage. Unfortunately like all hacks, variants were written. I will try and dig up the security info I had on it. Again, I don't mean to intrude, just want to share what I know, I apologize if I crossed a line. I know some forums to get touchy when members try and offer information. This does not seem like one of those places, which is why I wanted to send a message.

sent from my phone, because I can't get the internet out in the boonies.

Please Send all Support Requests to forumadmin
Bit Of Nothing - Personal Blog
KyleT is offline  
post #22 of 109 (permalink) Old 09-11-2010, 04:57 PM
Nerd Alert.
 
Da Plant Man's Avatar
 
Join Date: Apr 2010
Location: The Bush, Alaska
Posts: 5,719
I just got on and google chrome marked this site saying it had "Malicious software" and that my computer could be at risk. If it is fixed why is chrome saying such a thing?

Also, thanks for the warning.


RAOK CLUB #12
Wabi-kusa Pimp #1
"99% of the time, a fish tank with plants will fail. Once you start a dedicated planted tank with fish, then you begin to succeed." - Geniusdudekiran
Da Plant Man is offline  
post #23 of 109 (permalink) Old 09-11-2010, 05:00 PM
Planted Tank Enthusiast
 
Bugman's Avatar
 
Join Date: Jan 2008
Location: Atlanta, Ga
Posts: 792
Well if you are like me you like to use the same password for everything instead of having to remember different ones. I'm changing the password on everything that was even similar. Especially financial accounts. Taking all precautions.
Bugman is offline  
post #24 of 109 (permalink) Old 09-11-2010, 05:18 PM
Algae Grower
 
billyk's Avatar
 
Join Date: Jan 2004
Location: North Central, Ma
Posts: 14
Bummer, sorry to hear about this. My site was hit a while back. Bugger to repair!
billyk is offline  
post #25 of 109 (permalink) Old 09-11-2010, 05:37 PM
Algae Grower
 
TheeOldMan's Avatar
 
Join Date: Jul 2009
Location: Upstate NY
Posts: 28
Thanks for heads up Kyle
i didnt use e-mail link to get here. i logged in ( using firefox ) and read about to make sure there was a problem. after reading posts i logged off and signed back in using safari and didnt get anything strange. although my Safari may need updating , but didnt experience anything strange with FireFox which is up to date.
thanks again for the heads up, password changed.

2.6g Fry ( snails + water spider )
10g Guppies
20g Guppies + Pleco (common) , Hornwort
TheeOldMan is offline  
post #26 of 109 (permalink) Old 09-11-2010, 05:43 PM
Planted Tank Obsessed
 
Join Date: Feb 2004
Location: Fairfax, VA
Posts: 439
I'm back and this time, no malware warning (in safari).

I also tried Internet Explorer and no issues. (Previously it closed a tab with an error message).

I also ran a virus scan and no problems.

So it looks like you are OK.

Tank: 40 Gallon Breeder w/Eco Complete ||
Aquasun 156W Quad 5000K || SunSun 302 Canister Filter (Sunsun Pimp #77) || Pressurized CO2 || Dual Current Gamma 15W UV Sterilizers || Hydor Inline Heater
EricSilver is offline  
post #27 of 109 (permalink) Old 09-11-2010, 05:46 PM
Planted Tank VIP
 
chad320's Avatar
 
Join Date: Mar 2010
Location: Spring Valley, IL
Posts: 7,701
When I got on I had a pop up from "Java" ? IDK what it was. Mcaffee came on and said it blocked malware though. I changed my password anyway and ive been running fine. Thanks Kyle!
chad320 is offline  
post #28 of 109 (permalink) Old 09-11-2010, 05:50 PM
Planted Tank Obsessed
 
Join Date: Feb 2004
Location: Fairfax, VA
Posts: 439
Ditto that.

When I first had the problem with IE it generated an error report identifying Java VM as the issue:

# The exception above was detected in native code outside the VM
#
# Java VM: Java HotSpot(TM) Client VM (1.4.2_03-b02 mixed mode)

Tank: 40 Gallon Breeder w/Eco Complete ||
Aquasun 156W Quad 5000K || SunSun 302 Canister Filter (Sunsun Pimp #77) || Pressurized CO2 || Dual Current Gamma 15W UV Sterilizers || Hydor Inline Heater
EricSilver is offline  
post #29 of 109 (permalink) Old 09-11-2010, 07:39 PM
Wannabe Guru
 
fresh.salty's Avatar
 
Join Date: Jul 2010
Location: SoCal
Posts: 1,956
Changed the password while at my shop. Came home and logged in and of course needed to log in with the new PW. But Firefox gave me a bar across the top that said I needed to install a plug-in to view all content on the page. I ignored that message and logged in with the new PW and it "seems" fine.
fresh.salty is offline  
post #30 of 109 (permalink) Old 09-11-2010, 09:56 PM
Algae Grower
 
TheeOldMan's Avatar
 
Join Date: Jul 2009
Location: Upstate NY
Posts: 28
if it wasnt for the internet still being like the wild freakin west, think of what could get done !
i might have a problem with my Father-in-laws computer, because of recent e-mail that had malicious attachment, but one of my kids was on and checked e-mail (even though ive told them DO NOT TOUCH GRAMPAS COMPUTER ! lol
Grampa was away and guess what ? lol

2.6g Fry ( snails + water spider )
10g Guppies
20g Guppies + Pleco (common) , Hornwort
TheeOldMan is offline  
Closed Thread

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the The Planted Tank Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome