Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > Miscellaneous > Announcements

Notices

Reply
 
Thread Tools Search this Thread
Old 02-28-2014, 02:11 PM   #1
Alexander Turcic
Fully Converged
Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.
 
Alexander Turcic's Avatar
 
Posts: 18,163
Karma: 14021202
Join Date: Oct 2002
Location: Switzerland
Device: Too many to count here.
Detected Malware 02/18 @ 08:40 EDT

Today the account of one of our moderators was compromised. As a result an attacker used this account at 8:41 AM EDT and injected malicious cross-site-scripting code into our forum software with the goal to gain access to the database. At 9:19 AM EDT team members discovered and removed the code and locked down the compromised account. Due to existing safety measures, access to the database did not occur.

Given the nature of this attack, we contacted everyone who loaded the malicious code (around 30 members) with the suggestion to proactively change their user passwords.

Our apologies for the inconvenience.

Cheers,
Alexander

MobileRead Team
Alexander Turcic is offline   Reply With Quote
Old 03-01-2014, 09:42 AM   #2
David Munch
Scholar
David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.David Munch ought to be getting tired of karma fortunes by now.
 
David Munch's Avatar
 
Posts: 1,008
Karma: 3999312
Join Date: Aug 2008
Location: Denmark
Device: Kobo Libra H2O + iPad Air 4
Uh, I feel special now.

*Changed his password*
David Munch is offline   Reply With Quote
Advert
Old 03-01-2014, 02:14 PM   #3
vivaldirules
When's Doughnut Day?
vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.vivaldirules ought to be getting tired of karma fortunes by now.
 
vivaldirules's Avatar
 
Posts: 10,059
Karma: 13675475
Join Date: Jul 2007
Location: Houston, TX, US
Device: Sony PRS-505, iPad
Thank you, Alexander, for once again being on top of things and being open about it.
vivaldirules is offline   Reply With Quote
Old 03-01-2014, 07:44 PM   #4
crich70
Grand Sorcerer
crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.crich70 ought to be getting tired of karma fortunes by now.
 
crich70's Avatar
 
Posts: 11,306
Karma: 43993832
Join Date: Feb 2010
Location: Monroe Wisconsin
Device: K3, Kindle Paperwhite, Calibre, and Mobipocket for Pc (netbook)
I never even noticed a thing. Guess I missed the (unwanted) excitement.
crich70 is offline   Reply With Quote
Old 03-02-2014, 03:24 AM   #5
Lynx-lynx
Treachery of images ...
Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.Lynx-lynx ought to be getting tired of karma fortunes by now.
 
Lynx-lynx's Avatar
 
Posts: 4,069
Karma: 91561091
Join Date: May 2012
Location: Australia
Device: Blackberry Playbook, Sony 650, Kobo Glo, H2O, Aura One, Forma, Libra 2
Thank you Alexander for alerting the Community about this attack.

It comforts me to know that you have security measures in place to handle such an attack and/or compromised situation.

Special thanks to the Moderators who were so quick off the mark.
Lynx-lynx is offline   Reply With Quote
Advert
Old 03-02-2014, 10:59 AM   #6
Billi
Wizard
Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.Billi ought to be getting tired of karma fortunes by now.
 
Billi's Avatar
 
Posts: 3,388
Karma: 14190103
Join Date: Jun 2009
Location: Berlin
Device: Cybook, iRex, PB, Onyx
So, have you thrown the commander overboard?

Thanks to the mods who have been so attentive and knowledgeable!
Billi is offline   Reply With Quote
Old 03-12-2014, 03:21 PM   #7
49Kat
Fanatic
49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.
 
49Kat's Avatar
 
Posts: 580
Karma: 1309104
Join Date: Oct 2011
Location: BC,Canada/NV, USA
Device: iPad 9th Gen, iPhone 11, Paperwhite 10th Gen.
Quote:
Originally Posted by Alexander Turcic View Post
Today the account of one of our moderators was compromised. As a result an attacker used this account at 8:41 AM EDT and injected malicious cross-site-scripting code into our forum software with the goal to gain access to the database. At 9:19 AM EDT team members discovered and removed the code and locked down the compromised account. Due to existing safety measures, access to the database did not occur.

Given the nature of this attack, we contacted everyone who loaded the malicious code (around 30 members) with the suggestion to proactively change their user passwords.

Our apologies for the inconvenience.

Cheers,
Alexander

MobileRead Team
I'm late to this, as I don't often scroll down to this part of the forum.

Just curious, how would you know who loaded the malicious code? Did it require downloading something or did one just have to land on the wrong page with malicious code loaded into a signature on someone's post or...what? I guess I'm a little paranoid, but I know sometimes just landing on a web page can get one's computer infected.
49Kat is offline   Reply With Quote
Old 03-12-2014, 03:23 PM   #8
Glorfindel
Force-Aware Elf
Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.
 
Glorfindel's Avatar
 
Posts: 4,757
Karma: 11557898
Join Date: Feb 2014
Location: Valinor
Device: Kindle 4 w/SO
or even closing one
Glorfindel is offline   Reply With Quote
Old 03-12-2014, 08:07 PM   #9
49Kat
Fanatic
49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.
 
49Kat's Avatar
 
Posts: 580
Karma: 1309104
Join Date: Oct 2011
Location: BC,Canada/NV, USA
Device: iPad 9th Gen, iPhone 11, Paperwhite 10th Gen.
Quote:
Originally Posted by Glorfindel View Post
or even closing one
I'm unsure about the nature or intention of this post. I was referring to what is commonly known as a "drive by download".


https://blogs.mcafee.com/consumer/drive-by-download
49Kat is offline   Reply With Quote
Old 03-13-2014, 05:44 AM   #10
Alexander Turcic
Fully Converged
Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.Alexander Turcic ought to be getting tired of karma fortunes by now.
 
Alexander Turcic's Avatar
 
Posts: 18,163
Karma: 14021202
Join Date: Oct 2002
Location: Switzerland
Device: Too many to count here.
Quote:
Originally Posted by 49Kat View Post
Just curious, how would you know who loaded the malicious code? Did it require downloading something or did one just have to land on the wrong page with malicious code loaded into a signature on someone's post or...what? I guess I'm a little paranoid, but I know sometimes just landing on a web page can get one's computer infected.
Seeing who loaded the malicious code was trivial thanks to the error triggered by it and recorded in our server logs. Through a compromised moderator account the javascript code was embedded in a fake announcement - basically waiting for an administrator to load that page. Once that would have happened, the code should have been able to install a payload software onto our system that could have allowed them access to the database. The exploit has been known since November 2013 when MacRumors, Ubuntu Forums and openSUSE forums were hit by it, and we took precautions to prevent the payload from getting executed. As a side effect, everyone who loaded the code in the duration of those 30+ minutes before we detected it was confronted with an error message.

So in a nutshell, this code was not about infecting your computer (it didn't), but about using your MobileRead credentials to execute administrator commands. Kinda like a brute force attack not caring whether you are actually an administrator or not.
Alexander Turcic is offline   Reply With Quote
Old 03-13-2014, 11:23 AM   #11
49Kat
Fanatic
49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.
 
49Kat's Avatar
 
Posts: 580
Karma: 1309104
Join Date: Oct 2011
Location: BC,Canada/NV, USA
Device: iPad 9th Gen, iPhone 11, Paperwhite 10th Gen.
OK. Thanks, Alexander.
49Kat is offline   Reply With Quote
Old 03-13-2014, 06:25 PM   #12
Glorfindel
Force-Aware Elf
Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.
 
Glorfindel's Avatar
 
Posts: 4,757
Karma: 11557898
Join Date: Feb 2014
Location: Valinor
Device: Kindle 4 w/SO
Quote:
Originally Posted by 49Kat View Post
I'm unsure about the nature or intention of this post. I was referring to what is commonly known as a "drive by download".
https://blogs.mcafee.com/consumer/drive-by-download
what I meant was that some viruses attempt to install when you close the page it's on...
Glorfindel is offline   Reply With Quote
Old 03-13-2014, 06:28 PM   #13
Glorfindel
Force-Aware Elf
Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.Glorfindel ought to be getting tired of karma fortunes by now.
 
Glorfindel's Avatar
 
Posts: 4,757
Karma: 11557898
Join Date: Feb 2014
Location: Valinor
Device: Kindle 4 w/SO
you mentioned "landing on a page can get ones computer infected"...
Glorfindel is offline   Reply With Quote
Old 03-13-2014, 07:25 PM   #14
49Kat
Fanatic
49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.49Kat ought to be getting tired of karma fortunes by now.
 
49Kat's Avatar
 
Posts: 580
Karma: 1309104
Join Date: Oct 2011
Location: BC,Canada/NV, USA
Device: iPad 9th Gen, iPhone 11, Paperwhite 10th Gen.
Quote:
Originally Posted by Glorfindel View Post
what I meant was that some viruses attempt to install when you close the page it's on...
Ah, OK, I see. I wasn't sure if your comment was tongue-in-cheek or not. Hard to tell online sometimes how things are intended. Thanks for clarifying.

Now that you mention it, about things trying to install when you close a web page, a while back I went to a page where a popup window showed up offering to download something, and clicking on any button in that window (even if it said "no" or "cancel") would start a download, or even using the red 'x' in the corner to close the window would start the download. I think in that case I closed the entire browser and ran a scan with Malwarebytes, which did find a partial of a malware file.

I've also had it happen where I've gone to a web page and my AV software popped up a warning about some malware of some sort trying to run. If my memory is correct, I think that was a java exploit, which my antivirus software blocked. (I don't have java on my windows machines anymore.)

When I read Alexander's post, I had wondered if it was that sort of exploit in a signature or something like that that Alexander was referring to.
49Kat is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Scheduled Maintenance June 18 (Tuesday) @ 3:00am EDT Alexander Turcic Announcements 6 06-16-2013 03:59 PM
Scheduled Maintenance 03/10 @ 05:00 EDT Alexander Turcic Announcements 5 03-17-2013 05:40 AM
Scheduled Maintenance 07/03 @ 05:00 EDT Alexander Turcic Announcements 0 07-02-2012 02:00 AM
Scheduled Maintenance 06/24 @ 05:00 EDT Alexander Turcic Announcements 4 06-25-2012 02:29 AM
Scheduled maintenance 08/03 @ 4am EDT Alexander Turcic Announcements 13 08-03-2008 09:52 AM


All times are GMT -4. The time now is 12:39 AM.


MobileRead.com is a privately owned, operated and funded community.