BRITSIM
Moderators: Guru's, The Ministry
-
- Vintage Pair
- Posts: 2576
- Joined: 10 Jul 2009, 08:33
- Location: Chacombe about 2 mile east of M40 J11
BRITSIM
Sorry Guys & Girls, but it looks as if Britsims been hacked yet again!
One gets redirected to an apps site!
I have been free of this until today & Dave Moly is also affected.
Have not heard from the Happy Otter for ages, so presumably he has got more fish (or Squirrels?) to fly!
Keith
One gets redirected to an apps site!
I have been free of this until today & Dave Moly is also affected.
Have not heard from the Happy Otter for ages, so presumably he has got more fish (or Squirrels?) to fly!
Keith
-
- Vintage Pair
- Posts: 2576
- Joined: 10 Jul 2009, 08:33
- Location: Chacombe about 2 mile east of M40 J11
Re: BRITSIM
Alex,
One seems to be able to get there, but I have found (Dave also) that on the 3rd click, if trying to answer a forum question for example, one gets redirected & if you do get that it changes its address each time!
Keith
One seems to be able to get there, but I have found (Dave also) that on the 3rd click, if trying to answer a forum question for example, one gets redirected & if you do get that it changes its address each time!
Keith
Re: BRITSIM
It seems ok here:
Ah, I see what you mean. If one attempts to repy to a post, one is redirected to another site
Ah, I see what you mean. If one attempts to repy to a post, one is redirected to another site
George
Re: BRITSIM
Found the same when I tried to register a vote on a download.
Graham
Graham
Re: BRITSIM
I don't get those symptoms at all, I've repeatedly tried too. FYI I use IE10 on W7 64. if that makes a difference.
Alex
- basys
- VC10
- Posts: 524
- Joined: 06 Apr 2006, 12:28
- Location: EGNL, Barrow-in-Furness, Cumbria, UK
- Contact:
Re: BRITSIM
Hi Folks
Britsim site has definitely been hacked.
There's a hidden DIV containing Cyrillic text and links.
Plus a couple of links to an Islamic site
which from the link looks like its also a victim of a hacker.
HTH
ATB
Paul
Britsim site has definitely been hacked.
There's a hidden DIV containing Cyrillic text and links.
Plus a couple of links to an Islamic site
which from the link looks like its also a victim of a hacker.
HTH
ATB
Paul
I've never felt so frustrated....... died so frequently/spectacularly/or needlessly....... yet had so much fun, in a long time.
Flight's Landing Challenges - Earn your wings !
-
- Vintage Pair
- Posts: 2576
- Joined: 10 Jul 2009, 08:33
- Location: Chacombe about 2 mile east of M40 J11
Re: BRITSIM
Paul,
Thanks for that - it may be very useful for the Happy Otter when he can find time to attack the problem. We did have quite a few russian forum messages that were jibberish some time back that Rob cleared (& we hopefully deleted - but probably not from the root), but have not seen any islamic stuff.
Obviously the hole that Rob tried to plug is still leaky!
Unfortunately Dave M & myself are certainly not well enough acquainted with software manipulation to even try to modify anything & we seem to be missing poor old Leif's touch!
Regards
Keith
Thanks for that - it may be very useful for the Happy Otter when he can find time to attack the problem. We did have quite a few russian forum messages that were jibberish some time back that Rob cleared (& we hopefully deleted - but probably not from the root), but have not seen any islamic stuff.
Obviously the hole that Rob tried to plug is still leaky!
Unfortunately Dave M & myself are certainly not well enough acquainted with software manipulation to even try to modify anything & we seem to be missing poor old Leif's touch!
Regards
Keith
- basys
- VC10
- Posts: 524
- Joined: 06 Apr 2006, 12:28
- Location: EGNL, Barrow-in-Furness, Cumbria, UK
- Contact:
Re: BRITSIM
Hi Folks
Keith -
WRT your original malicious script infection -
Not all components had been removed from Britsim,
& guessing infection occurred in two seperate events.
Looks like the Islamic site was the payload vector.
The content of the file on their website had since been removed,
but if at any time is reinstated
your visitors will be subjected to its effects.
The calling code is still present in your templates,
(guessing in php for header & footer, plus at least ).
IIRC there may also be regeneration code,
that checks for & reinstates removed elements,
including a php file, which generates a browser specific js.
HTH
ATB
Paul
Keith -
WRT your original malicious script infection -
Not all components had been removed from Britsim,
& guessing infection occurred in two seperate events.
Looks like the Islamic site was the payload vector.
The content of the file on their website had since been removed,
but if at any time is reinstated
your visitors will be subjected to its effects.
The calling code is still present in your templates,
(guessing in php for header & footer, plus at least ).
IIRC there may also be regeneration code,
that checks for & reinstates removed elements,
including a php file, which generates a browser specific js.
HTH
ATB
Paul
I've never felt so frustrated....... died so frequently/spectacularly/or needlessly....... yet had so much fun, in a long time.
Flight's Landing Challenges - Earn your wings !
-
- Vintage Pair
- Posts: 2576
- Joined: 10 Jul 2009, 08:33
- Location: Chacombe about 2 mile east of M40 J11
Re: BRITSIM
Thanks for the added info Paul, but its all Greek to me. Just hope Rob passes by & can use your info.
Regards
Keith
Regards
Keith