Jump to content


Redirection of forum.nanfa.org url POSSIBLE MALWARE PROBLEM. PLEASE READ THREAD AND PROTECT YOURSELF!


72 replies to this topic

#21 Guest_magic-carpet_*

Guest_magic-carpet_*
  • Guests

Posted 25 April 2014 - 04:13 PM

Fixed. Sorry about that folks!

#22 Guest_magic-carpet_*

Guest_magic-carpet_*
  • Guests

Posted 25 April 2014 - 04:17 PM

I have requested a patch from the people who provide our forum software. Hopefully, this will not happen again (at least, until hackers figure out how to do mischief again)

#23 Isaac Szabo

Isaac Szabo
  • NANFA Member
  • The Ozarks

Posted 27 April 2014 - 02:54 PM

It seems to be working correctly for me now. Thanks for getting this fixed!

#24 Guest_Gavinswildlife_*

Guest_Gavinswildlife_*
  • Guests

Posted 28 April 2014 - 03:23 PM

It's back :(

#25 Isaac Szabo

Isaac Szabo
  • NANFA Member
  • The Ozarks

Posted 28 April 2014 - 04:09 PM

Yeah, that was fast. Too bad.

#26 Guest_Gavinswildlife_*

Guest_Gavinswildlife_*
  • Guests

Posted 28 April 2014 - 04:16 PM

I think its y2k.

#27 Guest_Ken_*

Guest_Ken_*
  • Guests

Posted 30 May 2014 - 11:49 AM

Well these freakin' pop ups have just started for me a couple days ago....

#28 Guest_Ken_*

Guest_Ken_*
  • Guests

Posted 30 May 2014 - 01:05 PM

Nevermind..... I think I may have taken care of it on my end. Had some program called Webget downloaded on my computer inadvertantly. The strange thing though is the pop ups didn't happen on any other website that I had gone to...... Oh well it looks like it has stopped here also.

#29 Guest_Stickbow_*

Guest_Stickbow_*
  • Guests

Posted 16 July 2014 - 10:37 PM

This has been happening to me, and since I am an IT nerd, and have access to some people who are much better hackers than I am, I had our security guy look at this, because when I do a Google search for a species or anything that NANFA might have a link for, the first time I click the link I get the http://url4short(dot)info(slash)53c2d5c5 link(or a "blocked due to malware" link from our web monitoring software.

This happens on my work machine, home machines, tablet...all of which are clean and scanned regularly. FWIW, reproducing it can be difficult, because it only redirects the first time you click the link that's embedded - either in the Google search or wherever (other site links do it too, including those embedded in email messages). It may require that you be caching your login; we're not sure - we were able to get it to do it when not logged in.

We got a truly "clean" machine and image that he uses to test with. Does it for him. We know it is NOT client side (i.e., our machines). He isn't familiar with the IP Board software NANFA uses, so we surfed. We found a pretty good number of hacker board references explaining how to inject malicious code for URL redirect scripts, and one blog that explains how to fix it.

The latter is the only link we found that I'm willing to post: http://peter.upfold....url4short-mess/ This explains the problem fully, the research done to discover it, and how to fix it.

Hope this will help you solve the problem before I set off any more alarms at work :-s

Edited to add -- the comments also point out other places the code is sometimes injected. Worth reading those as well.

Edited by Stickbow, 16 July 2014 - 10:40 PM.


#30 Guest_FirstChAoS_*

Guest_FirstChAoS_*
  • Guests

Posted 17 October 2014 - 12:12 AM

Since this problem is not fixed yet, I wonder if you considered moving the forum to a new web host.

#31 Guest_fundulus_*

Guest_fundulus_*
  • Guests

Posted 17 October 2014 - 07:23 AM

Is the problem not fixed yet? I have never encountered any of this kind of skronk here.

#32 Guest_FirstChAoS_*

Guest_FirstChAoS_*
  • Guests

Posted 18 October 2014 - 06:03 PM

Is the problem not fixed yet? I have never encountered any of this kind of skronk here.


Yes, my main computer I enter the page through bookmarks so do not see it, but on work computers and my tablet where I enter through a browser I do see it.

#33 Isaac Szabo

Isaac Szabo
  • NANFA Member
  • The Ozarks

Posted 18 October 2014 - 11:34 PM

Yes, I encounter it from time to time when google searches lead me to NANFA content. The first click leads to the malware site, but I know to just go back and click it again to get to the real content. However, it concerns me that we are likely losing some potential new members who do google searches for native fish information but never make it all the way to NANFA content because of the website redirection. I know that if I clicked on an unfamiliar website which then led to a malware webpage, I probably wouldn't risk trying to go to that website again. I wonder if the fix that Wynne linked to would be worth trying?

#34 Guest_FirstChAoS_*

Guest_FirstChAoS_*
  • Guests

Posted 19 October 2014 - 12:58 PM

I say as long as you back up the forum in case anything goes wrong, any fix would be worth it.

#35 Sean Phillips

Sean Phillips
  • NANFA Member
  • Allegheny River Drainage, Southwest PA

Posted 21 October 2014 - 06:23 PM

Yeah this has been happening to me for months now, since I joined actually. I figured it was just my computer otherwise I would've reported it but I guess not.
Sean Phillips - Pine Creek Watershed - Allegheny River Drainage

#36 Guest_Skipjack_*

Guest_Skipjack_*
  • Guests

Posted 23 October 2014 - 03:00 PM

This is an issue, and we need to address it. Unfortunately since we are all volunteers, at the moment I am not sure that we have someone tech savvy enough to take this on. We sure do not want to implement a fix that causes a nightmare. If anyone out there has some experience with this type of issue, please send a PM to me or one of the other forum staff. It will be rectified, hopefully sooner than later. Your staff here are doing the best that they can. When the forum was constructed we had a particularly gifted individual that handled all of these problems. Since he moved out of the drivers seat, we have all tried to learn more and manage as well as possible. I think we have all done a decent job of holding it together, and we learn more all the time. So please volunteer and give us a hand, or please be patient, and know we are doing our best. Better yet, someone start a motion to give us a menial pay raise. I will second it. Wait. 10% of zero is still zero isn't it? Dang it!

#37 Guest_Uland_*

Guest_Uland_*
  • Guests

Posted 23 October 2014 - 04:15 PM

I would bet the update will fix this. Fingers crossed.

#38 Guest_Skipjack_*

Guest_Skipjack_*
  • Guests

Posted 23 October 2014 - 04:56 PM

I would bet the update will fix this. Fingers crossed.

Thanks for the vote of confidence Uland. I hope that the problem just vanishes with the upgrade. There are fixes/patches for this problem, but when you are playing with many thousands of posts, some with great information, it makes one rather hesitant.

#39 Isaac Szabo

Isaac Szabo
  • NANFA Member
  • The Ozarks

Posted 23 October 2014 - 06:26 PM

I wasn't intending to be critical. Just trying to provide some helpful information. I am very appreciative of all the work NANFA volunteers do, and I totally understand if nobody knows how to fix the issue (I don't). It would be nice if the upgrade fixes it.

#40 Guest_Skipjack_*

Guest_Skipjack_*
  • Guests

Posted 23 October 2014 - 08:17 PM

Oh, never saw it that way Isaac. Glad you brought it back up. I was sweeping it under the rug and hoping it would resolve itself.



Reply to this topic



  


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users