Thread: Detected Malware 02/18 @ 08:40 EDT
View Single Post
Old 03-12-2014, 03:21 PM   #7
49Kat
Fanatic
49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.
 
49Kat's Avatar
 
Posts: 580
Karma: 1309104
Join Date: Oct 2011
Location: BC,Canada/NV, USA
Device: iPad 9th Gen, iPhone 11, Paperwhite 10th Gen.
Quote:
Originally Posted by Alexander Turcic View Post
Today the account of one of our moderators was compromised. As a result an attacker used this account at 8:41 AM EDT and injected malicious cross-site-scripting code into our forum software with the goal to gain access to the database. At 9:19 AM EDT team members discovered and removed the code and locked down the compromised account. Due to existing safety measures, access to the database did not occur.

Given the nature of this attack, we contacted everyone who loaded the malicious code (around 30 members) with the suggestion to proactively change their user passwords.

Our apologies for the inconvenience.

Cheers,
Alexander

MobileRead Team
I'm late to this, as I don't often scroll down to this part of the forum.

Just curious, how would you know who loaded the malicious code? Did it require downloading something or did one just have to land on the wrong page with malicious code loaded into a signature on someone's post or...what? I guess I'm a little paranoid, but I know sometimes just landing on a web page can get one's computer infected.
49Kat is offline   Reply With Quote