Orio opened this issue on Dec 22, 2004 ยท 12 posts
Orio posted Wed, 22 December 2004 at 3:17 AM
I just went to visit UV Mapper's site to learn about the new version, and I found a strange writing instead - I think it was hacked I'm afraid - but why?
xantor posted Wed, 22 December 2004 at 3:30 AM
They just do it out of badness. It is a shame just with christmas coming up.
lmckenzie posted Wed, 22 December 2004 at 8:20 AM
Nothing personal toward them, it's a new worm going around that uses Google to find vurlnerable sites. Supposedly it targets sites running phpBB software according to the report I read.
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
kuroyume0161 posted Wed, 22 December 2004 at 8:21 AM
This is a vulnerability in phpBB - just got a warning about it myself (as I plan on using it for my own forum). Not a good sign - I think that the a**holes are winning... Just had a would-be hacker in Russia get onto one of my DNS servers and install Apache so that he'd be able to use the system for whatever malicious purposes. I left him a XMas 'present'. ;)
C makes it easy to shoot yourself in the
foot. C++ makes it harder, but when you do, you blow your whole leg
off.
-- Bjarne
Stroustrup
Contact Me | Kuroyume's DevelopmentZone
Robo2010 posted Wed, 22 December 2004 at 8:32 AM
G's some nerve of people who we live with on this earth who like to see chaos. :-(
cherokee69 posted Wed, 22 December 2004 at 9:10 AM
Just came from there http://www.uvmapper.com/. The site is working as normal except for the forums which looks like they were hacked.
randym77 posted Wed, 22 December 2004 at 10:25 AM
Well, I guess that explains why I couldn't get into Google for awhile last night. Google has supposedly blocked the worm now, so it's not spreading any more. Which of course means the next version will also use Yahoo, Lycos, A9, Dogpile, etc. :-P
mateo_sancarlos posted Wed, 22 December 2004 at 1:09 PM
Was this the security exploit that affects machine which have google's search engine installed? I heard that when they do a search, it checks all the files on the machine, then goes out on the internet. If it is somehow redirected to a dummy site instead of google's site, then this gives the hacker control over the machine with the search engine installed on it.
Natolii posted Wed, 22 December 2004 at 4:43 PM
Poserpros reported 3000 attempts by this hack. Of course Russell patched his site a few days after the vulnerbility was reported.
randym77 posted Wed, 22 December 2004 at 5:51 PM
No, this is a worm that attacks unpatched PHP message boards. It spreads over the net, and personal computers won't be affected (unless you're using your personal computer as a message board server). Once it finds an unpatched message board, it copies itself to the computer hosting it, changes all the Web pages to a "defaced" message, then uses Google to search for "viewtopic," which is apparently a common term used on unpatched PHP message boards. And it starts over again. Google blocked the worm last night, which pretty much stopped it in its tracks.
lmckenzie posted Wed, 22 December 2004 at 7:12 PM
Unfortunately, this may just be the tip of the iceberg. Search engines can reveal all kinds of goodies about the software running on the sites they spider. Look into "Google Hacking." People have been grabbing passwords and other information using Google for a while now. Come into my parlor said the spider to the fly.
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
Ben_Dover posted Wed, 22 December 2004 at 7:56 PM
Attached Link: http://www.phpbb.com/phpBB/viewtopic.php?t=241300
Those of you running phpBB on your site, I encourage you to read all about it at the provided link before it's too late. There's a variety of patching methods available, links available in the downloads section there. You can also get a mod version, search for it there.