Another hack <sigh>

Here you'll find helpful tips regarding the operation of the Discussion Boards at First Tracks!! Online, as well as general announcements for our users.

Another hack <sigh>

Postby Admin » Wed Sep 28, 2016 11:59 am

Apologies to those who, for a relatively short time this morning, attempted to access FTO via a mobile device and got ads for porn sites instead. Beginning shortly after 7 a.m. MT this morning this behavior was occurring, and by 10 a.m. the problem was resolved.

For those techies who are curious about the specifics, a couple of Wordpress' PHP files buried deep in the core of the CMS were altered to create modified .htaccess files that redirected visitors using mobile devices. While it's not entirely clear how they gained access to the server to upload those modified files, passwords have been changed and a new malware/hack scanner has been installed on the server.
Image

Image
User avatar
Admin
Site Admin
 
Posts: 9976
Joined: Wed Sep 22, 2004 9:32 am
Location: Salt Lake City, Utah

Re: Another hack <sigh>

Postby EMSC » Thu Sep 29, 2016 10:07 am

Yep, saw that when I went to check the news and figured it was a hack yesterday...
User avatar
EMSC
 
Posts: 2009
Joined: Wed Apr 11, 2007 6:54 pm
Location: Front Range of Colorado

Re: Another hack <sigh>

Postby Admin » Fri Sep 30, 2016 10:45 am

As an addendum, this morning I figured out how they were getting in. Our download manager was allowing unauthenticated ajax calls to execute arbitrary functions. This would allow an attacker to upload arbitrary files and perform a variety of other malicious tasks. That hole has now been plugged.
Image

Image
User avatar
Admin
Site Admin
 
Posts: 9976
Joined: Wed Sep 22, 2004 9:32 am
Location: Salt Lake City, Utah


Return to F.Y.I.

Who is online

Users browsing this forum: No registered users and 4 guests


All content herein copyright © 1999-2017 First Tracks!! Online Media

Forums Terms & Conditions of Use

cron