Have the forums been hacked?

[mircleman]

Thats allot of the issues with large websites, large corporate networks etc they dont keep up with exploits and scripts bcause there are so many. but again that goes back to my arugument of web standards and if you cant hire someone in I.T. or a i.t. team that can keep these exploits and scripts out of the network they shouldnt be up but thats just my view.

[Shof]

  mircleman said:

Thats allot of the issues with large websites, large corporate networks etc they dont keep up with exploits and scripts bcause there are so many. but again that goes back to my arugument of web standards and if you cant hire someone in I.T. or a i.t. team that can keep these exploits and scripts out of the network they shouldnt be up but thats just my view.

like a virus or spyware scanner, if a spyware/virus goes undetected because the problem does not detect it..whos falut is that? The company that makes the program for not producing a faster update to detect that detect stuff that goes undeteced or you visting a site with that undetected virus

NOTHING is hacker safe, NOTHING is safe, WE all (as human,websites, company) are vulrenable to attacks

[mircleman]

  Shof said:

like a virus or spyware scanner, if a spyware/virus goes undetected because the problem does not detect it..whos falut is that? The company that makes the program for not producing a faster update to detect that detect stuff that goes undeteced or you visting a site with that undetected virus

NOTHING is hacker safe, NOTHING is safe, WE all (as human,websites, company) are vulrenable to attacks

Thats pure nonsense it takes more then anti virus and a firewall to protect your network i created a database program that took every single exploit and script ever created and put them togather I run that program on our network we have never been hacked to date because of that nor has any script or explot been used against us or the company. and it updates daily as new ones are discovered. my point is this could a hacker get in sure, a professional hacker sure they could. my point is it would be very very difficult. so the point is no nothing is perfect but you can make it almost impossible to do so with a little forttude.as far as nothign is hack proof thats about to change but i wont get into that debate of a program cant be created that cant be hacked . its like fort knox could someone get in..sure but it would take more then 99% of people are willing to go thru :)

[sachleen]

There should be a warning on the main site smoehwere so before someone using IE goes to the forum they can know what tehy are getting into... I know its only on IE and unprotected systems, but you never know how many people go into that category.. :(

[Bhav]

Virus? What virus?

:p

[James123]

  aos101 said:

Um, where is it? The only iframes I can see in the code are Neowin ones.

...It's right at the top, just below the body tag (I won't post the iframe code as I believe the mod asked people not to earlier)

Example of it...

^^ That is what happens, if you go to a page with IE (Fully patched, 0 updates on windows updates left), and no anti-virus. Taken 5 minutes ago.

[tkyoshi]

Windows Defender will also help prevent it. On my computer it kicked in before Symantec.

[aos101]

  James123 said:

...It's right at the top, just below the body tag (I won't post the iframe code as I believe the mod asked people not to earlier)

Example of it...

^^ That is what happens, if you go to a page with IE (Fully patched, 0 updates on windows updates left), and no anti-virus. Taken 5 minutes ago.

Not showing for me. Have you tried clearing your cache? When this site pulls the source it doesn't show the iframe:

http://web-sniffer.net/?url=http%3A%2F%2Fw...niffer%2F1.0.24

[James123]

Yes, I have cleared my cache.

That site doesn't get it, because it only displays if you're logged in.

[tkyoshi]

  James123 said:

Yes, I have cleared my cache.

That site doesn't get it, because it only displays if you're logged in.

Same with me, i'm logged in and no malicious code.

[James123]

It's also only there on three of the themes...

Neowin v3 (Silver ONLY)

Neowin v2

IPB Default Skin

[aos101]

  James123 said:

Yes, I have cleared my cache.

That site doesn't get it, because it only displays if you're logged in.

Earlier on when I saw it it was displaying for guests. Do you get the same results in a different browser?

[James123]

Nope. In Firefox, Safari, IE, Konqueror & Opera it's only there whilst I'm logged in, and only on those three themes I specified above.

Not sure about everyone else though?

[tkyoshi]

  James123 said:

It's also only there on three of the themes...

Neowin v3 (Silver ONLY)

Neowin v2

IPB Default Skin

Ahh ok maybe that's why, i'm on Neowin v3 Swift.

[aos101]

  James123 said:

It's also only there on three of the themes...

Neowin v3 (Silver ONLY)

Neowin v2

IPB Default Skin

Ahh you are using a different theme. I was using the default one. It does still seem to be there on some themes, in which case you are very right to be annoyed it is still there. I wonder how many people are still being exposed to this then?

[Blaine]

new announcement from front page:

  Quote

We have been hit with an exploit that affects Invision Board 2.1.5 and was later improved to exploit v2.1.6 (our version). Our coders are currently working on a fix for this exploit and we've had to temporarily close the forums as a result.

If you have a virus scanner installed and got the following message while browsing Neowin forums:

Win32/Exploit.WMF Trojan than you have been hit with this exploit.

If you browse Neowin with Internet Explorer and have the latest security patches (post SP2) you should be unaffected.

First reports also indicate that Firefox users are unaffected, we'll keep you updated.

[James123]

Ah that's good news. Strangely the WMF exploit affected the PC (it was in VMWare) in the picture I posted above (but it had every security patch).

Anyway at least it's being fixed :).

[Shetland]

this happened once before about a year ago if i recall.

[Draconian Guppy]

Well i'm at Opera 9, unpatched windows, AVG says nothing :)

[Stunna]

  zipgenius said:

I think that someone has been affected: not everybody has applied the WMF patch :(

Was the WMF patch a normal windows update patch or was it a manual download?

How did you decode that source to figure out the website?

[Shof]

Either neowin fixed the problem or nod32 dont show alerts, but i dont get anything when i view neowin with IE (maybe it is becuase i also have xp pro sp2 with autopatch and zonealarm pro):

[Krome]

I am going to assume that I am safe since I've never encounter those iFrame pop-ups in the first place.

[ANova]

Opera doesn't even acknowledge the code let alone try to run it.

[Nashy]

mmmm Firefox

[simsie]

Shof: it only affects certain skins (v2 - ipb default and v3 (swift) silver). Seeing as you are using black it won't be a problem