SECURITY WARNING For Those Running Or Even Just Visiting/Browsing Article Dashboard Generated Sites!
There is a new BlueFart program out there that apparently can get past what we previously thought was enough security patches.
You will suddenly see hyperlinks all over your pages and an iframe trojan alert - HTML:IFrame-EC [Trj] - from some virus protection programs such as Avast.
This is a security issue not just for those running the script, but for those who are visiting your directory and clicking on the links! A lot different than the previous hacks that only harmed your site or stole from your earnings. This one can get your visitors - very VERY bad news there.
I am not sure if it is able to load a trojan through your site, looking into that, but I think it can only load if you click on one of the links which lead to jsp 'pages'.
Check your directory every day. All you will have to do (as far as I can tell so far) is overwrite all of your hacked template files, so if I were you, I would go and back them all up RIGHT NOW!
This includes your 'admintemplates' folder.
This is one of the main reasons I ditched AD (still have it as an archived directory) - poor security and absolutely no support for it.
The hackers also got my blog and forum but my new article directory platform is going strong! Looks like a busy Monday! LOL
Allen
You will suddenly see hyperlinks all over your pages and an iframe trojan alert - HTML:IFrame-EC [Trj] - from some virus protection programs such as Avast.
This is a security issue not just for those running the script, but for those who are visiting your directory and clicking on the links! A lot different than the previous hacks that only harmed your site or stole from your earnings. This one can get your visitors - very VERY bad news there.
I am not sure if it is able to load a trojan through your site, looking into that, but I think it can only load if you click on one of the links which lead to jsp 'pages'.
Check your directory every day. All you will have to do (as far as I can tell so far) is overwrite all of your hacked template files, so if I were you, I would go and back them all up RIGHT NOW!
This includes your 'admintemplates' folder.
This is one of the main reasons I ditched AD (still have it as an archived directory) - poor security and absolutely no support for it.
The hackers also got my blog and forum but my new article directory platform is going strong! Looks like a busy Monday! LOL
Allen
-
Allen Graves -
Thanks - 1 reply
SignatureEvery day I check the obituaries. If I don't see my name there, then I know it's going to be a good day!{{ DiscussionBoard.errors[1340386].message }}-
Steven Wagenheim -
Thanks
SignatureMy Soundcloud Music Channel{{ DiscussionBoard.errors[1340393].message }} -
-
-
Allen Graves -
Thanks
SignatureEvery day I check the obituaries. If I don't see my name there, then I know it's going to be a good day!{{ DiscussionBoard.errors[1340421].message }} -