Jump to content

ALERT: We were exploited. No user data compromised.

Recommended Posts

Hey gang,

Sorry for the dramatic headline, but I wanted to make you all aware of an issue we had recently on the Maccast forums. I received an email from a visitor who said that after clicking a link from a Google search result to this forum site he was redirected to some pretty nasty porn sites. What was odd was that it only happened for him once and after clicking other Google links coming to the forum he was never redirected again.


When I tried to recreate the issue I was able to get the same results. So fairly sure we were somehow compromised I did some Googling of my own and found this security post from about a week ago, http://blog.sucuri.net/2015/02/analyzing-malicious-redirects-in-the-ip-board-cms.html


Please note that this exploit was only a malicious re-direct of traffic coming from certain search engines or social media links. No user account or data on this site was compromised.


I have followed the instructions and have removed the malicious code from this sites files and the database. Our software was also three minor point releases behind (we were running X.X.4 and the latest was X.X.7), so I have updated us, but there was no items in the release notes indicating a patch for this security issue. I have contacted the makers of the forum software to make sure they are aware of the exploit and to see if they have a patch or solution. I will keep you posted.


If you do notice any unusual links or re-directs on this site please notify myself or a moderator directly and we will look into it ASAP. We take security very seriously and want this site to be SPAM free.



Share this post

Link to post
Share on other sites

  • Recently Browsing

    No registered users viewing this page.

  • Who's Online (See full list)

    There are no registered users currently online