Visiolist Frontpage Virus

[proxydesign]

Hello,

When I visisted visiolist.com I got notified about a virus which seems to be from sraphicshouldn.su. Maybe you have included something on visiolist.com from there.

Anyway, screenshot: http://puu.sh/29UbS (in Norwegian)

Free to delete this thread if you want, just to notify you.

 

[PPNSteve]

Also getting blocked by Firefox and its listed in Google's badsite list.

 

[cajkan]

Yes i can confirm this,

Click on Advanced ---> Continue at your own risk for all who want to surf

 

[Basti]

Thanks guys, scan is running and code is being taken care of

 

[Mark]

We have removed the injected code, and submitted to webmaster tools. Now we are just waiting for Google to clear our name.

This happened as a result of a trojan that harvests FTP login details, we were first exploited a few weeks ago with this exact same method.... I failed to change the FTP password for this domain, so the problem resurfaced today. The good news is we were only infected for a few minutes, the bad news is Google could take a day or more to remove the warnings.

thanks for your patience, and deeply sorry for the inconvenience

 

[proxydesign]

Great job, it's sad when things like this happening. But, may I ask if this attack has infected the screenshot API/server in some way? I am getting an 500 Server error after some minutes with white page/loading.

 

[Basti]

Not that i know off, but iam asking Mark.
Screenshhots have this issue from time to time, server most likely needs a restart

 

[Basti]

Mark said the server is really slow atm, he is rebooting and asking to try rendering again in 15 minutes

EDIT: really slow, better wait for Marks response

 

[Basti]

Hacker identified as 217.172.130.163 thanks to Mark
For anyone who want to take the precaution, can add this into their webserver blacklist. We will try and watch over this issue and hopefully its a static ip

 

[Mark]

Just to clarify, this hack was NOT the result of a code exploit in VisioList.

screenshot server has been rebooted, screenshots are rendering normal.

 

[Anna]

Doubt this has something with above to do, but felt it unnecessary to start a new topic about it. My password to this site have been reset/changed two times now so I cant get access to the forum. And no, I have nothing to do with it! It is easily fixed by sending a reset request. But it is really annoying. :S What is going on.....`?

 

[Mark]

we moved to a new members system

http://visiolist.com/members/

which bridges our forum and licensing system into 1 database.

I emailed everyone notifying/warning them that you must reset your password (only once though...) because we could not import encrypted passwords from the forum into the new system

 

[Anna]

Oh, have ben very busy lately so I missed your email. And this was from two different computors. Can thats be it?

 

[Bart]

Warning has disappeared from FF/Chrome as far as i am aware.

 

[Basti]

Oh thats good to hear, i myself dont use these browser anymore

 

[Mark]

Oh, have ben very busy lately so I missed your email. And this was from two different computors. Can thats be it?

your computer doesnt matter, we made a major change on our server.

 

[Simm]

I have also this problem

 

[Mark]

the problem was resolved yesterday after only a few minutes, can you provide any more information?


the site is still showing clear for me from all available checks I can run

 

[Simm]

here the screen shots and it is from 5 min ago

 

[Mark]

thanks, I have requested a review again via Google webmaster tools.