Andy Y Posted December 30, 2018 Share Posted December 30, 2018 Users may have seen spurious pop-up ads and/or hijack pages and/or login boxes for a short period from around 13.00 to 13.25 yesterday before I took the site offline for remedial action. I don't believe any of those pages will have caused any issue to users' systems but I hope no-one attempted to put their login details into one of the spurious login boxes; if you did I would recommend installing and running the free version of Malwarebytes. There were two distinct issues caused by a hack which seemed to come via the Ukraine, these have been removed and functions tested but I still have some work to do. There may still be a vulnerability for recurrence but that will be worked on too. If there should be a repeat it should be quicker to resolve if it takes similar form. I'm sorry for the inconvenience but the best thing to do was to take the site offline to prevent risk to users whilst the issue was resolved. 3 Link to post Share on other sites More sharing options...
RMweb Premium Vecchio Posted December 30, 2018 RMweb Premium Share Posted December 30, 2018 Well the important thing is that RMWEB is online again. Thanks for your efforts! Vecchio Link to post Share on other sites More sharing options...
RMweb Gold Geep7 Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Definitely was the best thing to do Andy, and thank you for taking such prompt action. At least it meant I could get on with some modelling yesterday without getting distracted. Link to post Share on other sites More sharing options...
chaz Posted December 30, 2018 Share Posted December 30, 2018 Regular users like myself value RMweb very much and certainly missed it yesterday, so full marks to Andy Y for dealing with the problem so promptly. Chaz Link to post Share on other sites More sharing options...
RMweb Premium Foden Posted December 30, 2018 RMweb Premium Share Posted December 30, 2018 It’s good to have the forums back Andy. Thank you for your time and efforts invested over the festive/new year period to do so. 1 Link to post Share on other sites More sharing options...
Paul80 Posted December 30, 2018 Share Posted December 30, 2018 Good to see some quick action, unlike the banks etc that take months before they even hint that there might have been an issue. Link to post Share on other sites More sharing options...
phixer64 Posted December 30, 2018 Share Posted December 30, 2018 Well done Andy, good to see the forum up and running, On a lighter note, managed to do serious building of MSE signals yesterday. Regards to All 5 Link to post Share on other sites More sharing options...
phil gollin Posted December 30, 2018 Share Posted December 30, 2018 Thanks very much for all your efforts, yesterday and on-going. I particularly liked the updates you posted on the base page yesterday, very helpful. Link to post Share on other sites More sharing options...
RMweb Gold chris p bacon Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Many thanks to Andy for the swift action taken, the timeline of actions taken on the initial page was very informative and also gave an idea of the headache Andy had. Link to post Share on other sites More sharing options...
RMweb Gold McC Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Thanks so much Andy and team! Superb communications throughout. 1 Link to post Share on other sites More sharing options...
RMweb Gold rodent279 Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Well done and thanks for your efforts. One good thing came about from it-I finally renewed my McAfee subscription. 1 Link to post Share on other sites More sharing options...
JJGraphics Posted December 30, 2018 Share Posted December 30, 2018 Well done and thanks for your efforts. One good thing came about from it-I finally renewed my McAfee subscription. Forget McAfee, do as Andy suggests and check your computer with the free version of Malwarebytes. John Link to post Share on other sites More sharing options...
RMweb Gold rodent279 Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Forget McAfee, do as Andy suggests and check your computer with the free version of Malwarebytes. John Bit late now! What does Malwarebytes do that McAfee doesn't? 1 Link to post Share on other sites More sharing options...
Robin2 Posted December 30, 2018 Share Posted December 30, 2018 Good to see prompt action being taken. Also, its a relief to see Ukraine being blamed. I thought it may have been my fault because the day before I had said to myself that I have never seen any spam messages on this Forum ...R 1 Link to post Share on other sites More sharing options...
JJGraphics Posted December 30, 2018 Share Posted December 30, 2018 Bit late now! What does Malwarebytes do that McAfee doesn't? Finds things that McAfee doesn't, is not a resource hog and its malware database is sometimes updated multiple times a day. John Link to post Share on other sites More sharing options...
RMweb Gold rodent279 Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 (edited) Finds things that McAfee doesn't, is not a resource hog and its malware database is sometimes updated multiple times a day. John Ok ta, I'll have a look into it. Edited December 30, 2018 by rodent279 2 Link to post Share on other sites More sharing options...
RMweb Gold chris p bacon Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Also, its a relief to see Ukraine being blamed. I'm sure I read a post just before the attack where someone was asking to see the Cathedral... Link to post Share on other sites More sharing options...
RMweb Premium PhilJ W Posted December 30, 2018 RMweb Premium Share Posted December 30, 2018 Glad to see RMweb back. This Christmas I have had four phishing attempts, all of which went straight to my spam file, last year I had none. One in particular, a ransomeware demand appeared to come from my own e-mail address claiming that they had control of my internet. However the passwords they claimed were mine I did not recognise and a quick check of the source revealed it was from Russia. I ran my computer security just to be sure and everything was in order. Link to post Share on other sites More sharing options...
RMweb Gold big jim Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Glad we’re back! 1 Link to post Share on other sites More sharing options...
Dick Turpin Posted December 30, 2018 Share Posted December 30, 2018 (edited) I got a phishing pop up that wouldn't let me close it, with a red screen claiming to be a Microsoft critical alert, and asking me to call a phone number. I did think I'd got a virus for a moment, but Googling it quickly revealed what it was, and the fact that it only popped up if I clicked on RMWeb confirmed what was most likely wrong before the site went down. I did run Malwarebytes as a precaution, which found nothing and uninstalled a few programs I didn't recognise (checking what they were with Google first of course) and fingers crossed all is OK. Tempted to get rid of all the other bloatware, which as far as I'm aware does nothing but slow the PC down. Edited December 30, 2018 by Dick Turpin Link to post Share on other sites More sharing options...
RMweb Premium ELTEL Posted December 30, 2018 RMweb Premium Share Posted December 30, 2018 I would also like to offer my thanks to Andy for his quick response in dealing with the attack. More importantly he kept us all informed in what was happening and a timescale of when it was likely to be back working. I wish that major organisations would do the same in keeping people informed of what’s going on. Andy enjoy the rest of your seasonal break. Terry Link to post Share on other sites More sharing options...
RMweb Gold Oldddudders Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 I would also like to offer my thanks to Andy for his quick response in dealing with the attack.He has been a particularly busy boy lately, it seems, with extra input required for the January BRM, so might have been hoping for a quiet festive season. Let’s hope things quieten down a little. 1 Link to post Share on other sites More sharing options...
Purley Oaks Posted December 30, 2018 Share Posted December 30, 2018 Thanks for spending your Saturday dealing with this, Andy, caught the updates. Expected site to be down until tmrw tbh. Reckon those pesky Russians have discovered some model railway secrets near Salisbury? 2 Link to post Share on other sites More sharing options...
RMweb Premium petethemole Posted December 30, 2018 RMweb Premium Share Posted December 30, 2018 The Thanks for spending your Saturday dealing with this, Andy, caught the updates. Expected site to be down until tmrw tbh. Reckon those pesky Russians have discovered some model railway secrets near Salisbury? The 2' 6" gauge strategic reserve at Dean Hill? I know they said it was all removed..... 5 Link to post Share on other sites More sharing options...
RMweb Gold Ian Hargrave Posted December 30, 2018 RMweb Gold Share Posted December 30, 2018 Thanks for spending your Saturday dealing with this, Andy, caught the updates. Expected site to be down until tmrw tbh. Reckon those pesky Russians have discovered some model railway secrets near Salisbury? Ukraine the apparent source of the hit.So not exactly what we might think.But wherever and whoever,Andy was onto it promptly and effectively.All our thanks and good wishes to him for that and for a stressless New Year. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now