Spammers on my forum?

Actually, I forgot to add a few other things I did..

* Changed forum title and description to warn members to scan PC for viruses.

* Spammed all members warning of recent attack.

Anything else I should do next time...???

Have to say that changing your forum name looks ridiculous. If you want to warn your members then there's the group email option....

Either one of your admins had their password hacked (so that the forum rules could be changed) or they did it themselves.

Have all your admins change their passwords, just to be sure.

I would like to know why and how my anti virus alerted me to the worms when I did not click a link.?

Any ideas?

Have to say that changing your forum name looks ridiculous.

-coloneljack

We do that on an almost daily basis anyway, just to reflect the mood/humour of the forum... ;-D

Have all your admins change their passwords, just to be sure.

-coloneljack

I thinks so. Warnings were posted to that effect, so I hope everyone has had the sense to do so...

I would like to know why and how my anti virus alerted me to the worms when I did not click a link.?
Any ideas?

-rockhopper

Quite right, mate! That's really got me confused as well. Still can't work out if it just targetted you, or if your antivirus detection is better than others. I'm hoping everyone else did the recommended scan just in case...

One more question - and please excuse me if the answer is obvious, as I'm no IT God... But, is it possible that a random image link off the internet posted on our forum could have been a backdoor for the spammers to get in...???

Not in regards to the Spam attack, but long time ago, with one of the Lefora upgrades, some of the private Forums had been changed to public by mistake. Not sure if something similar may have happened to you that does not involve your Forum being Hacked.

As for the virus scan, recently the New York Times and other prominent websites was hit with a phony advertisement the purports to be a virus scan that says your computer was hosting a worm/virus. This was done to get unaware people to click on it and d/l a real virus. I am not sure if Windows has improved but it did have enough vulnerabilities that you could be compromised with out any action on your part. IE was/is a really insecure Browser and most computer professionals use others that are standard compliant.

Congratulations Matt - you managed not to mention Linux in a post.

Mwaa?

lol :-D

Have tried to encourage more of our members to run on Firefox, but in some cases the reply hs been "What's a web browser...?" D'oh!!

lol :-D
Have tried to encourage more of our members to run on Firefox, but in some cases the reply hs been "What's a web browser...?" D'oh!!

-fossilmagnet

I feel your pain....

hi fossilmagnet, i'd be surprised if this could happen on your forum just from a spammer posting.  If anti-virus messages are popping up on your forum, it's possible that you, as the admin, added a third-party widget on the sidebar of your forum that has a something malicious in it.  This may not be the case, it's only an assumption.

I see your forum, luckypants.lefora.com, is set to fully private now. You can switch the forum to public, but restrict posting only to members you approve - Public is the security setting we recommend to take advantage of all the promotion features we offer (they only work on public forums).

I feel your pain....

-coloneljack

ROFL^ ;-D

hi fossilmagnet, i'd be surprised if this could happen on your forum just from a spammer posting.  If anti-virus messages are popping up on your forum, it's possible that you, as the admin, added a third-party widget on the sidebar of your forum that has a something malicious in it.  This may not be the case, it's only an assumption.

I see your forum, luckypants.lefora.com, is set to fully private now. You can switch the forum to public, but restrict posting only to members you approve - Public is the security setting we recommend to take advantage of all the promotion features we offer (they only work on public forums).

-chief

Tbh, I know very little about this kind of stuff, but what I can say for sure is we have no 3rd party widgets on there. I added a chatbox (as per threads on here) a while back, yet felt like the privacy of the forum was being compromised as a result, and so removed it. Other than that, nothing else has been added in the last 4+ months...

I'm more inclined to think that an admin with a "weak" password got hacked. Could well be wrong, naturally, and am always open to other suggestions...

As I see it, both Lefora and Firefox are pretty tight security-wise, so I'm inclined to look elsewhere in terms of trying to figure out how they got in...

Do you think a mod/admin with a "weak" password would be a likely suspect...?

Do you think a mod/admin with a "weak" password would be a likely suspect...?

-fossilmagnet

Yes.

Yeah, I thought as much... Have already reduced the number of mods/admins and advised them to reset to stronger passwords. Hopefully that should do it... ;-D

Cheers!!!

installing malicious software on the forum could come from an admin (with a compromised password), not so much a mod.  So I'd keep a close eye on the admin accounts and change the password.

Not in regards to the Spam attack, but long time ago, with one of the Lefora upgrades, some of the private Forums had been changed to public by mistake. Not sure if something similar may have happened to you that does not involve your Forum being Hacked.
As for the virus scan, recently the New York Times and other prominent websites was hit with a phony advertisement the purports to be a virus scan that says your computer was hosting a worm/virus. This was done to get unaware people to click on it and d/l a real virus. I am not sure if Windows has improved but it did have enough vulnerabilities that you could be compromised with out any action on your part. IE was/is a really insecure Browser and most computer professionals use others that are standard compliant.

-mattb4

Hi mattb4

I am very aware of fake antivirus pop ups, I have schooled a number of people (older relations mainly) in how to spot the difference! LOL  no mean feat!!

I don't use IE ( strictly firefox - sometimes Chrome if the FF beta isnt working  lol)

I am 99% sure I did not click on a link or a picture on the particular thread , this concerns me.
 I have never experienced an attack when I have not been active in letting myself get attacked!!

I'm even beginning to doubt myself.  The only thing I can think of, is that I quoted the spammer to give him some abuse (I know, I know......  ignore them!!)

If you quote a message which contains a link to a virus are you in effect opening the link in some way??

This is the only thing that makes sense, as a direct attack through lefora  to my pc seems highly unlikely!?

Thanks for the responses guys :D

Great site by the way  :D

"Hey Teal'c, what's with the hair?"

-coloneljack

The finest SCFI character ever to grace our screens!  lol

I have not used Windows since 98SE so I have not kept up with the exploits of or means of securing from online attacks. Some of the best are to have a hardware based Firewall (routers have these) and not to open too many services. A site I have used in the past and I see is still active, will check to see what ports you have open and perhaps vulnerable to attack. Shields UP! — Internet Vulnerability Profiling  It also contains a lot of good material on setups to protect a PC from getting hacked. I have posted a screen shot of their beginning Statement. I also posted a results shot of my computer (I run openSUSE Linux and am not surprised that the results are unusual for a Windows computer). Note: this does not require you to install anything!

. A site I have used in the past and I see is still active, will check to see what ports you have open and perhaps vulnerable to attack. Shields UP!

-mattb4

I have disabled all of my "remote access" services.

Thanks for the link to the site:

I gave it a whirl.

I do run windows ...  lol     But I am still very,very tempted by linux