SECURITY WARNING For Those Running Or Even Just Visiting/Browsing Article Dashboard Generated Sites!

Allen Graves · 11-01-2009, 05:19 PM

There is a new BlueFart program out there that apparently can get past what we previously thought was enough security patches.

You will suddenly see hyperlinks all over your pages and an iframe trojan alert - HTML:IFrame-EC [Trj] - from some virus protection programs such as Avast.

This is a security issue not just for those running the script, but for those who are visiting your directory and clicking on the links! A lot different than the previous hacks that only harmed your site or stole from your earnings. This one can get your visitors - very VERY bad news there.

I am not sure if it is able to load a trojan through your site, looking into that, but I think it can only load if you click on one of the links which lead to jsp 'pages'.

Check your directory every day. All you will have to do (as far as I can tell so far) is overwrite all of your hacked template files, so if I were you, I would go and back them all up RIGHT NOW!

This includes your 'admintemplates' folder.

This is one of the main reasons I ditched AD (still have it as an archived directory) - poor security and absolutely no support for it.

The hackers also got my blog and forum but my new article directory platform is going strong! Looks like a busy Monday! LOL

Allen

Allen Graves · 11-01-2009, 05:28 PM

If anyone could email me the default admintemplates folder I would surely appreciate it.

Allen Graves
(email link in profile)

Steven Wagenheim · 11-01-2009, 05:30 PM

How do we know what directories are running this platform?

Allen Graves · 11-01-2009, 05:45 PM

They all look pretty much the same.

- Right Nav Bar
- Category list on top of home page followed by individual article hyperlinks

But the giveaway, and probably the way these hackers are finding them, is the inevitable and unremoveable - "Powered by Article Dashboard" at the bottom of the pages.

It's funny how the actual articledahboard.com site removed that from their pages, huh?.

Allen

11-01-2009, 05:19 PM	#1
Allen Graves PromoteMyArticles.com War Room Member Join Date: Jun 2008 Location: Tampa, Florida Posts: 2,469 Blog Entries: 13 Thanks: 610 Thanked 697 Times in 306 Posts	SECURITY WARNING For Those Running Or Even Just Visiting/Browsing Article Dashboard Generated Sites! There is a new BlueFart program out there that apparently can get past what we previously thought was enough security patches. You will suddenly see hyperlinks all over your pages and an iframe trojan alert - HTML:IFrame-EC [Trj] - from some virus protection programs such as Avast. This is a security issue not just for those running the script, but for those who are visiting your directory and clicking on the links! A lot different than the previous hacks that only harmed your site or stole from your earnings. This one can get your visitors - very VERY bad news there. I am not sure if it is able to load a trojan through your site, looking into that, but I think it can only load if you click on one of the links which lead to jsp 'pages'. Check your directory every day. All you will have to do (as far as I can tell so far) is overwrite all of your hacked template files, so if I were you, I would go and back them all up RIGHT NOW! This includes your 'admintemplates' folder. This is one of the main reasons I ditched AD (still have it as an archived directory) - poor security and absolutely no support for it. The hackers also got my blog and forum but my new article directory platform is going strong! Looks like a busy Monday! LOL Allen
	Just another new article directory.

11-01-2009, 05:28 PM	#2
Allen Graves PromoteMyArticles.com War Room Member Join Date: Jun 2008 Location: Tampa, Florida Posts: 2,469 Blog Entries: 13 Thanks: 610 Thanked 697 Times in 306 Posts	Re: SECURITY WARNING For Those Running Or Even Just Visiting/Browsing Article Dashboard Generated Si If anyone could email me the default admintemplates folder I would surely appreciate it. Allen Graves (email link in profile)
	Just another new article directory.

11-01-2009, 05:30 PM	#3
Steven Wagenheim Content & Copywriting Wiz War Room Member Join Date: Dec 2006 Location: Roselle, NJ, USA Posts: 16,394 Blog Entries: 11 Thanks: 1,529 Thanked 6,187 Times in 2,284 Posts Social Networking	Re: SECURITY WARNING For Those Running Or Even Just Visiting/Browsing Article Dashboard Generated Si How do we know what directories are running this platform?
	The 2nd Best Newsletter On The Web Next To Paul Myers Talk Biz News...Please See Paul's Sig For A Link To It

11-01-2009, 05:45 PM	#4
Allen Graves PromoteMyArticles.com War Room Member Join Date: Jun 2008 Location: Tampa, Florida Posts: 2,469 Blog Entries: 13 Thanks: 610 Thanked 697 Times in 306 Posts	Re: SECURITY WARNING For Those Running Or Even Just Visiting/Browsing Article Dashboard Generated Si They all look pretty much the same. - Right Nav Bar - Category list on top of home page followed by individual article hyperlinks But the giveaway, and probably the way these hackers are finding them, is the inevitable and unremoveable - "Powered by Article Dashboard" at the bottom of the pages. It's funny how the actual articledahboard.com site removed that from their pages, huh?. Allen
	Just another new article directory.