Notice of service for The Common Rail

It appears that The Common Rail, our community forum, has been hacked, and the website has been distributing various redirects to spam considered "low threat" by Sophos security software. If you have security software installed, you should get a message like "Malicious Content Blocked", I got the following malware "Mal/Badscr-M" identified as the threat.

From my experimentation it appears to only affect user using Microsoft's Internet Explorer browser. I use Firefox and never saw this issue; also tried Google Chrome and no issues there as well.

There is very little info to go on, it took me quite a while to put the piece together as to what is happening. Right now, I am in the process of figuring out a response and have disabled the forum area. It seems to have resulted from a security breach at my host company, Dreamhost.

As I am downloading the full content of the forum for analysis, Windows Security Essentials detected a backdoor virus in the Avatar folder (...and promptly deleted without giving me more info - arghhh).

I am sorry, especially to those who have been affected directly.

I am in contact with Dreamhost and phpBB to figure out a solution and I will hopefully be back online shortly.  - Martin, April 25, 2012, 10:00hrs EST

Labels: ,