PDA

View Full Version : This forum tried to infect my phone



Aphex
11-15-2011, 12:02 PM
Just a quick note to let the powers that be know that the hackers are back.

I just tried to check out the latest posts on my android phone (using stock browser)and got redirected to what seems like a fake oprah mini site (i don't use oprah), which in turn try'd to instal some software (probably spyware)

Vertigo
11-15-2011, 12:15 PM
Edit--investigating

SeanRogerPierce
11-15-2011, 12:19 PM
no problems here with opera mobile. ;)

chazmtb
11-15-2011, 12:25 PM
Same here on Android gingerbread. Tried to attach on my regular android browser and dolphin hd browser. It redirected me to opera mini and tried to ask me ti download something. I dont want to use Opera Mini.

Vertigo
11-15-2011, 12:31 PM
A friend confirmed it happens on xscope browser as well.

Also: "Your version of browser Opera Mini has become outdated, the further work can be incorrect and lead to unexpected errors and failures! We recommend you to update a product to version 6.5"

Rofl. SOUNDS LEGIT.

tgraypots
11-15-2011, 12:36 PM
I'm using an android tablet with the standard google browser and am having no problems.

chazmtb
11-15-2011, 12:39 PM
Mine was on an android phone, gingerbread version 2.3. May be different if you have honeycomb.

Vertigo
11-15-2011, 01:03 PM
Old exploited software is old exploited software. Here's a possible Fix. (http://vbtechsupport.com/865/)


To manually fix versions prior to vBulletin 4.1.3 and 3.8.7

Edit one line in class_core.php file located in /includes/class_core.php ; find the following line “define(‘YUI_VERSION’, ’2.7.0′); // define the YUI version we bundle” ; replace this line with “define(‘YUI_VERSION’, ’2.9.0′); // define the YUI version we bundle”
In AdminCP; Go to “Options” => “Server Settings and Optimization Options” ; find “Use Remote YUI” option and in the dropdown switch to a server of your choice, Google or Yahoo.

Might not be the exact exploit being used though, just one of many.

kalaeb
11-15-2011, 01:04 PM
Same redirect here. I am going through withdrawls when I can't look on my phone.

rahimlee54
11-15-2011, 01:23 PM
I wonder why all these attacks as have been happening as of late.

Vertigo
11-15-2011, 01:41 PM
I wonder why all these attacks as have been happening as of late.

We're growing. The more traffic a site has, the more likely it is to be hit by teh robots. It's unlikely we're actually being targeted by anyone specifically, we've just got enough activity and are impressioned enough in Google that we get hit by teh robots a lot. The bigger we get, the more they hammer on the door.

kalaeb
11-15-2011, 02:33 PM
I am phone illeterate, anyone know of another browsers or version that I can download to my phone to make this site viewable again from my phone?

Dave Martell
11-15-2011, 03:23 PM
Oh no....not again :scared4:

Justin0505
11-15-2011, 04:06 PM
I am phone illeterate, anyone know of another browsers or version that I can download to my phone to make this site viewable again from my phone?

I also get the fake opera page when using the default browser for my android phone.

the "work around" is to use a browser that gives you the option of a "desktop" or non-mobile mode. the exploit seems to targeting phonest so if your browser IDs as a tablet or desktop, it doesn't get re-directed.

im using skyfire browser and it has a button right at the top to swith to desktop mode (icon looks like a droid/computer monitor).

Pensacola Tiger
11-15-2011, 05:07 PM
iPhone and iPad are not affected.

ecchef
11-15-2011, 06:43 PM
Yep...mine's all wonky.

Rottman
11-15-2011, 06:56 PM
My android phone keeps redirecting me to that pile of crap and tries to download. On my pc I could see all the redirects in the last days as being blocked by No Script but today there's nothing blocked on the pc but android is lost...

Dave Martell
11-15-2011, 06:59 PM
I'm working on this folks. Thanks for the updates.

Eamon Burke
11-15-2011, 07:56 PM
Ditto on the phone, it happened to me at lunch today, still happening. No KKF addresses would load, it tried to download something disguised as a video clip onto my phone. Disabling Java, and all other plugins doesn't stop it from happening.
Redirects to a russian-language site about opera browser, "op-new-mobile.net"
Samsung Galaxy S, Android Froyo.

Currently on Chrome on Windows XP at work, it's working fine.

obtuse
11-15-2011, 08:53 PM
It's happening to me too and I have been suffering withdrawals all day at work. :scared4: I'm running Android 2.2.2 :( I know, I'm behind the times. I've been using the standard browser and opera mini, same problem.

chazmtb
11-15-2011, 11:38 PM
From what I saw, it is some .ru website (russian???) that kept redirecting to another site and another site. Do you have any enemies in Russia, Dave?:D:razz:

Eamon Burke
11-15-2011, 11:40 PM
I thought covert attacks from Russia always came With Love....

Dave Martell
11-15-2011, 11:55 PM
I heard that another forum that uses the same software is having the same problems.

JBroida
11-16-2011, 12:51 AM
cant view KKF from my phone anymore either... this crap needs to be fixed

riverie
11-16-2011, 01:17 AM
i use an android phone and got the same problem. it keep redirecting to from sites to sites.

Dave Martell
11-16-2011, 01:17 AM
The newest level of software has been sent to the host to install. It can take 24-48hrs to get done though. Hang on mobile guys,,,hang on

Mike Davis
11-16-2011, 03:11 AM
LOL! I had the same issue earlier today on my Droid 2.Exact same thing....every other website was fine.

JohnnyChance
11-16-2011, 04:02 AM
Same on my Blackberry.

Vertigo
11-16-2011, 06:15 AM
I heard that another forum that uses the same software is having the same problems.

Really Dave? REALLY?

:angry1:

l r harner
11-16-2011, 09:18 AM
let me know when i can try and use firefox on my phone too please commando droid netbook is fine

ajhuff
11-16-2011, 09:27 AM
Same problem here this morning.

-AJ

Dave Martell
11-16-2011, 11:36 AM
The new software had been installed which has security patches for a lot of known problems. I'm hoping that the mobile re-direct problem gets resolved so let me know what's up folks.

chazmtb
11-16-2011, 11:41 AM
As of 10:53 still getting redirected.

Dave Martell
11-16-2011, 11:53 AM
As of 10:53 still getting redirected.

:sad0:

JohnnyChance
11-16-2011, 12:58 PM
Still affecting my Blackberry.

kalaeb
11-16-2011, 01:13 PM
Still affecting my Blackberry.

Still redirect on Android 2.3

Dave Martell
11-16-2011, 01:16 PM
Great and now for the trouble of upgrading to the most current software there's other problems popping up....that was sooooo worth the trouble...not. Grrrrrr

kalaeb
11-16-2011, 02:39 PM
Great and now for the trouble of upgrading to the most current software there's other problems popping up....that was sooooo worth the trouble...not. Grrrrrr

Dave, if it makes you feel better, my two hour layover will be much more enjoyable with KKF on my phone, thanks for the trouble of upgrading.

Dave Martell
11-16-2011, 02:47 PM
Kalaeb, is it working OK on your phone?

JBroida
11-16-2011, 03:15 PM
i still got redirected just now when the browser is set to user client android

kalaeb
11-16-2011, 03:25 PM
Kalaeb, is it working OK on your phone?

No, but I have hopes that it will be by the time I have to fly home. It is re-directing to a different site.

Dave Martell
11-16-2011, 03:32 PM
No, but I have hopes that it will be by the time I have to fly home. It is re-directing to a different site.


Are you one of those glass half full people? :D

Dave Martell
11-16-2011, 03:32 PM
i still got redirected just now when the browser is set to user client android


Specifics like this help Jon, thanks.

Vertigo
11-16-2011, 03:37 PM
Great and now for the trouble of upgrading to the most current software there's other problems popping up....that was sooooo worth the trouble...not. Grrrrrr

Dave,

I understand you're frustrated that the update didn't fix it. However, keep in mind that the forum version you were using, 4.1.2, was victim to two PHP injections in four days, exposing your users to potentially hazardous code and an upgrade was imperative. That said, patching a hole in your ceiling doesn't always mean you don't have water damage to clean up, right? There's still a user agent redirect somewhere in your PHP that needs fixed. I can give you more help, if you're interested, when Im off work.

WildBoar
11-16-2011, 03:39 PM
tried my phone for the heck of it. Got a redirect to .ru. Android v 2.3.3

Dave Martell
11-17-2011, 12:50 PM
Can someone re-check their phone to see if this is still a problem or not?

WildBoar
11-17-2011, 12:59 PM
yep, still redirecting on my phone!

JohnnyChance
11-17-2011, 01:01 PM
yep, still redirecting.

Dave Martell
11-17-2011, 01:02 PM
F....udge

PierreRodrigue
11-17-2011, 02:03 PM
My blackberry is re-directing me to some meet and greet dating service in Quebec, although some of these girls are easy on the eyes, I doubt they are as into knives as the folks around here...

Dave Martell
11-17-2011, 02:19 PM
It appears that this isn't going to be an easy fix. I've been on this for quite awhile and I'm no closer to solving it then when I started. I'm going to have to work on a knife sooner or later so this is going to get put on hold. Maybe I can get an expert involved at the vB support center, I don;t know...

Dave Martell
11-17-2011, 02:31 PM
Can someone check again for me?

Thanks

PierreRodrigue
11-17-2011, 03:37 PM
Still redirecting...

Dave Martell
11-17-2011, 04:33 PM
Thanks Pierre

Dave Martell
11-17-2011, 04:34 PM
I've got a support ticket open for this.

Eamon Burke
11-17-2011, 06:52 PM
Tell them my life is hanging in the balance. I will die of sleep deprivation if I have to wait until I get home to check the forums!

Dave Martell
11-17-2011, 07:30 PM
They're already jerking me around with technical mumbo-jumbo. It's their way of putting off.....

Mike Davis
11-17-2011, 11:45 PM
Want me to fly there and talk face to face? I am an expert at "Persuasion":punish::angry1::devilburn:

mr drinky
11-18-2011, 12:00 AM
Every time I open KKF now I get redirected to my wine rack, and the only way to fix it is to use the corkscrew next to the rack. I then download the wine into my external storage device (glass) and then hit refresh ;)

Sorry for the problems guys. I went crazy for the half day my computer was doing this.

k.

Dave Martell
11-18-2011, 08:10 PM
Still working on this problem....

kalaeb
11-18-2011, 08:41 PM
Yee haw, it works! Android system is operational. Thanks dave, I was starting to
get shaky.

Vertigo
11-18-2011, 08:51 PM
Nice work, Dave!

ecchef
11-18-2011, 08:52 PM
Same here...back to normal.:fanning:

mhlee
11-18-2011, 09:03 PM
:yatta:

:bliss:

Dave Martell
11-18-2011, 09:53 PM
Our host provider did some checking and found two redirect lines of code, multiples lines of code that are encrypted (not vB software), & a hacker tool with the capabilities of changing or creating new files or directories and database manipulation. Yowsers! :fanning:

add
11-18-2011, 10:11 PM
Our host provider did some checking and found two redirect lines of code, multiples lines of code that are encrypted (not vB software), & a hacker tool with the capabilities of changing or creating new files or directories and database manipulation. Yowsers! :fanning:

Yeah... well, what ever that means. :D


Perhaps though, this is just an ongoing part and parcel (constant maintenance) of running a site? **lowering expectations for any future potential "events"** :clown:


Regardless, glad it is worked out.
:cool2:

obtuse
11-18-2011, 10:58 PM
yay!!! my withdrawal symptoms are going away.

Dave Martell
11-18-2011, 11:21 PM
Thanks to everyone who helped me on this one, especially Jack (Vertigo). :doublethumbsup:

Eamon Burke
11-18-2011, 11:54 PM
You mean I just kept my wife on hold from watching Hulu when I could have just been ignoring our time together on my PHONE THE WHOLE TIME?!

YAAAAAY!
:woot:

JohnnyChance
11-19-2011, 06:37 AM
Huzzah! My 90 second long break at work is no longer spent staring at a wall.

TamanegiKin
11-21-2011, 12:06 PM
I'm not tech savvy, I hit the update software pop up when it said my opera mini was outdated. I had to erase my phone and reset all to default, DOH!. I thought the redirect was being caused by whatever I downloaded but was so pleasantly surprised to be able to get back on here last night. I only have web access through my phone BTW. I was super bummed out the few days I couldn't get on here, the doc gave me the KKF methadone equivalent as the withdrawals were kickin' pretty hard. Very grateful to be back, thanks Dave!

Dave Martell
11-21-2011, 02:43 PM
Sorry for the trouble.

TamanegiKin
11-21-2011, 04:07 PM
Nah no trouble really, heck I ended up learning how to better use my phone and utilize different features by messing with it. And again, just very happy to be back, thanks again Dave.