advertisement
Forums

The Forum is sponsored by 
 

AAPL stock: Click Here

You are currently viewing the Tips and Deals forum
Compromised web site?
Posted by: blooz
Date: July 10, 2019 02:21PM
I went to my friend's food sculpture site and right after the home page opened I got this:

[forums.macresource.com]

It forces you to accept notifications, "not now" doesn't work, clicking on it gets you to a notice to download the latest Adobe Flash player. Not suspicious at all.
The site is [jimvictormariepelton.com]
if anyone wants to look.



And we should consider every day lost on which we have not danced at least once.
—Friedrich Nietzsche
Western Massachusetts



Edited 1 time(s). Last edit at 07/10/2019 02:22PM by blooz.
Options:  Reply • Quote
Re: Compromised web site?
Posted by: hal
Date: July 10, 2019 02:26PM
wtf?? the URL doesn't match the one in the image and neither matches the URL I get when I click your link. When I refuse, it jumps to another URL with the same request. That's nasty.
Options:  Reply • Quote
Re: Compromised web site?
Posted by: btfc
Date: July 10, 2019 02:48PM
"Compromised web site?"

Yes, compromized.
Options:  Reply • Quote
Re: Compromised web site?
Posted by: cbelt3
Date: July 10, 2019 03:46PM
Seems fine now. LOTS of web sites get compromised by a variety of malware attacks. Even big corporate ones. Constant vigilance is required.
Options:  Reply • Quote
Re: Compromised web site?
Posted by: hal
Date: July 10, 2019 03:54PM
Quote
cbelt3
Seems fine now. LOTS of web sites get compromised by a variety of malware attacks. Even big corporate ones. Constant vigilance is required.

nope - just loaded it again and it went through 5 redirects before telling me that I need to upgrade my flash player.
Options:  Reply • Quote
Re: Compromised web site?
Posted by: Filliam H. Muffman
Date: July 10, 2019 06:20PM
Yep, that's pretty bad.

An older version of the source from Archive.Org seems to imply WordPress and Ajax. My first guess would be an exploit of the template or CRM program used to create the site, second would be a HTML injection, a small chance it could be something like a poisoned DNS cache.

The admin needs to: 1) contact the hosting company, 2) wipe the site, 3) read up on WP exploits and recent patches, 4) rebuild the site using the newest version of the tools and upload it.



In tha 360. MRF User Map
Options:  Reply • Quote
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 272
Record Number of Users: 52 on November 20, 2014
Record Number of Guests: 2330 on October 25, 2018