Detected Malware 02/18 @ 08:40 EDT
Today the account of one of our moderators was compromised. As a result an attacker used this account at 8:41 AM EDT and injected malicious cross-site-scripting code into our forum software with the goal to gain access to the database. At 9:19 AM EDT team members discovered and removed the code and locked down the compromised account. Due to existing safety measures, access to the database did not occur.
Given the nature of this attack, we contacted everyone who loaded the malicious code (around 30 members) with the suggestion to proactively change their user passwords.
Our apologies for the inconvenience.
Cheers,
Alexander
MobileRead Team
|