Planet Cyrene: unable to visit cyrene forum

Discussion in 'Planet Cyrene' started by GeorgeSkywalker, Jul 7, 2012.

  1. Hi,

    seems CyreneForum had an unpleasant guest. And made it to the Google Safe Browsing Blacklist even ;-)

    Did a quick investigate, found this: ZScaler
    (might contain helpful info)

    Hard to tell what happened without further info, but since Lykke mentioned a spammer it could have been something like this:
    Klick me - Xandra killing a Boorum - NEKKID!
    (is safe, I promise!)

    A link pointing to a site that would run malicious code, hidden in a spam post. Since it seems that the attack then works via JavaScript, there's an easy way to avoid such an attack: Disable JavaScript ;-)

    OK, not really practicable ... Next best guess would be to use an AddOn like "NoScript" (for FireFox) or similar for other browsers - they'd disallow reliably the execution of code coming from unknown sites.
    (highly recommended anyways!)

    For now, I have removed CF from the NoScript WhiteList temporally, still works. And so:
    Google Safe Browsing says that last find was 07-07, and last visit was 07-08, so CF should be clean meanwhile. But the bad gurlz/ boiz might come back ...

    Such can happen everywhere, every time at every site that allows user generated content. It's very simple to do, and you'll find it all over the place. But unfortunately, those buggers still find their victims that click anything that isn't up the tree when counted to three ...

    As long as the attack didn't use code injection to the actual site, the site owners are not to blame, they cannot monitor any post 24/7, right?

    So better use a tool to protect yourself - Google Safe Browsing is a great help, but is quite slow. Better have a tool that just monitors your browsing and blocks hidden accesses to shady sites, invisible iFrames, and code execution from there.
    And if there's no such reliable tool for your browser, get yourself a better one ;-)

    Have fun!
  2. Lykke TheNun

    Lykke TheNun Lootius bless you all!

    Thank you Xandra :) I'm sure Peter will see this

  3. I took your suggestion and did not 1 but 3 full scans on both my HDD no infections found Thanks :)
  4. Lykke TheNun

    Lykke TheNun Lootius bless you all!

    Just a quick update, that we heard today from several users of the forum that the warning seems to be gone now.
  5. NotAdmin

    NotAdmin Administrator

    It had nothing to do with bots, but thanks for your input.
  6. NotAdmin

    NotAdmin Administrator

    Thanks. That did help. The infection was gone already, but at least now I know how they got in.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.