Guys, I'm working on this. I've been completely buried as you can imagine with the markets the way they are, but I'm trying to find someone to update the vBulletin for us. Hopefully it will be done soon - please bear with me.

This sh!t makes me sick...

Greg

:devil:

no worries G we are on top of it as well deleting and banning as quick as i catch it

My recommendation is to stop all new account and clear out all new users for the past 10-20 days. It's only going to get worse in the next few days... I already emailed Greg with what is coming down the line...

Whats the deal Chris????????

Damn!!!!!!!!!

Whats the deal Chris????????

It's going to get worse before it gets better. Watch links and pictures added to posts(embeded links and clickjacking)... Don't say I didn't warn everybody.:smashfreak: go to US(dash)cert(dot)gov to see whats coming down the line. :eek3:

More crap again. When I saw the stuff yesterday morning, I texted Nick. Contacted him again today @1250 hrs.

More crap again. When I saw the stuff yesterday morning, I texted Nick. Contacted him again today @1250 hrs.

Obviously the dude don't give a sh*t...

McD or Jap can stop new membership and clear the new users.

Maybe we can pin a thread to the top of every forum area with a warning not to click on any of these links until we get this crap sorted out? I've figured out not to click on them but I'd hate to hear that someones computer went down because they couldn't resist the temptation. Just a thought, I don't have many so when I get one...:lookaround:

OK - the update is done - the most recent vBulletin update has been completed.

Chris - will that fix the problem? Do I need to do anything else?

I'm going to guess yes, because as recent as 1:30 there was a new one.

there where 4 more when I checked at 4:30pm I removed and banned them.

OK - the update is done - the most recent vBulletin update has been completed.

Chris - will that fix the problem? Do I need to do anything else?

You're going to have to stop new members for a while, & delete all the new members in the past 1-2 weeks. Banning them won't work as they could have injected code already. Remove all the posts. If you can, also look in the logs and ban the IP address's. Also send me, if you want the address's and I'll fill out an incindent or one of the MODs can @ https://forms.us-cert.gov/report/ that will get the attention of the CERT's world wide and they can start tracking the people down, and notify VB of other flaws in the code and have them start working on it...


What is an incident?
A good but fairly general definition of an incident is The act of violating an explicit or implied security policy. Unfortunately, this definition relies on the existence of a security policy that, while generally understood, varies among organizations.

For the federal government, an incident, defined by NIST Special Publication 800-61, is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices. Federal incident reporting guidelines, including definitions and reporting timeframes can be found at http://www.us-cert.gov/federal/reportingRequirements.html.

In general, types of activity that are commonly recognized as being in violation of a typical security policy include but are not limited to
attempts (either failed or successful) to gain unauthorized access to a system or its data, including PII related incidents (link to the below description)
unwanted disruption or denial of service
the unauthorized use of a system for processing or storing data
changes to system hardware, firmware, or software characteristics without the owner's knowledge, instruction, or consent

Update your virus scanners, and check your computers. Found 4 clickjackers and 1 trojan so far... I'll be back in a few weeks once the board gets under control.

3 more justed came on. I sent an email to JAP so they can be deleted.

I have closed the boards to all new registrations and deleted all new users over the last 2 weeks until we can get this under control. Sorry for the inconvenience!

Looks good so far. I logged on this morning and did not have to delete any posts:D:Thanx::thumb:

Sorry guys - I couldn't figure out how to stop the new registration and delete the last couple weeks of users! I was trying to get my web guy to do it but couldn't get him and Kevin beat me to it - thanks Kevin!

No problem, G! Just hope I can figure out how to reverse it! :D

No worries! At least it seems things are almost back to normal.

Slow season coming!!!

Work sucks lately, as you can imagine.