[FIXED] Malware on CMSMS.org
[FIXED] Malware on CMSMS.org
Since this morning I get a warning in Google Chrome:
Warning: Something's Not Right Here!
http://www.cmsmadesimple.org contains content from xxxxxxxxxxxx, a site known to distribute malware. Your computer might catch a virus if you visit this site.
Google has found malicious software may be installed onto your computer if you proceed. If you've visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.
Warning: Something's Not Right Here!
http://www.cmsmadesimple.org contains content from xxxxxxxxxxxx, a site known to distribute malware. Your computer might catch a virus if you visit this site.
Google has found malicious software may be installed onto your computer if you proceed. If you've visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.
Last edited by Rolf on Fri Sep 21, 2012 12:44 pm, edited 2 times in total.
Reason: removed links
Reason: removed links
Re: Malware on CMSMS.org
is fixed....
Ronny
Ronny
Re: [FIXED] Malware on CMSMS.org
I am currently getting the malware warning:
"Warning: Something's Not Right Here!
http://www.cmsmadesimple.org contains content from "google-analytics.su", a site known to distribute malware. Your computer might catch a virus if you visit this site.. "
"Warning: Something's Not Right Here!
http://www.cmsmadesimple.org contains content from "google-analytics.su", a site known to distribute malware. Your computer might catch a virus if you visit this site.. "
Re: [FIXED] Malware on CMSMS.org
I'm getting that as well.
Re: [FIXED] Malware on CMSMS.org
same here (2225hrs Central US time, 07FEB2012) Firefox reports forum.cmsmadesimple.org as an attack site.
-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
- Location: Fernie British Columbia, Canada
Re: [FIXED] Malware on CMSMS.org
We're on it.
It seems we're the subject of targeted attacks.
We have fixed what they changed (numerous times).
We are just not sure how they are getting in. Some type of file upload vulnerability it seems.
We just haven't found which package and/or site that is on this server is vulnerable.
It seems we're the subject of targeted attacks.
We have fixed what they changed (numerous times).
We are just not sure how they are getting in. Some type of file upload vulnerability it seems.
We just haven't found which package and/or site that is on this server is vulnerable.
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
- Location: Fernie British Columbia, Canada
Re: [FIXED] Malware on CMSMS.org
I promise a full report when we find the solution to this.
If it's a vulnerability in CMSMS core:
- We'll fix it and spit out a new release.
If it's a vulnerability in an addon module:
- We'll find the bug and give the report to the author
(If it's one of my modules, there'll be a new release).
If it's a third party package
- We'll fix the bug and file a report, and let everybody here know.
If it's a vulnerability in CMSMS core:
- We'll fix it and spit out a new release.
If it's a vulnerability in an addon module:
- We'll find the bug and give the report to the author
(If it's one of my modules, there'll be a new release).
If it's a third party package
- We'll fix the bug and file a report, and let everybody here know.
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Re: [FIXED] Malware on CMSMS.org
Looks serious.
Yesterday I couldn't download CMSMS, I kept being redirected to Bing or a weird hostname which didn't resolve (probably a malware url which has since been deleted).
Now, the download page is missing all of its download links:
http://www.cmsmadesimple.org/downloads/
http://i39.tinypic.com/2e1dkdk.png
Yesterday I couldn't download CMSMS, I kept being redirected to Bing or a weird hostname which didn't resolve (probably a malware url which has since been deleted).
Now, the download page is missing all of its download links:
http://www.cmsmadesimple.org/downloads/
http://i39.tinypic.com/2e1dkdk.png
Re: [FIXED] Malware on CMSMS.org
So has this been resolved?
It appears the download links have returned, I just don't want to download a vexed install of CMSMS.
Google doesn't appear to have visited the site since yesterday is why I am asking.
Much luck in resolving this issue.
It appears the download links have returned, I just don't want to download a vexed install of CMSMS.
Google doesn't appear to have visited the site since yesterday is why I am asking.
Much luck in resolving this issue.
Re: [FIXED] Malware on CMSMS.org
Same question, are the downloads safe now?
-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
- Location: Fernie British Columbia, Canada
Re: [FIXED] Malware on CMSMS.org
Yes, the errors are all resolved.
The downloads always were safe... the hacker was injecting some html into the page source to fug with our analytics js... that's all.
The downloads always were safe... the hacker was injecting some html into the page source to fug with our analytics js... that's all.
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.