Jump to content
 

Forum malware attack - 29 Dec 2018

Andy Y

By Andy Y,
in Forum Rules, Notices, Faults & Help

 Share

Recommended Posts

Andy Y

Andy Y

Posted
Posted

Users may have seen spurious pop-up ads and/or hijack pages and/or login boxes for a short period from around 13.00 to 13.25 yesterday before I took the site offline for remedial action. I don't believe any of those pages will have caused any issue to users' systems but I hope no-one attempted to put their login details into one of the spurious login boxes; if you did I would recommend installing and running the free version of Malwarebytes.

 

There were two distinct issues caused by a hack which seemed to come via the Ukraine, these have been removed and functions tested but I still have some work to do. There may still be a vulnerability for recurrence but that will be worked on too. If there should be a repeat it should be quicker to resolve if it takes similar form.

 

I'm sorry for the inconvenience but the best thing to do was to take the site offline to prevent risk to users whilst the issue was resolved.

  • Like 3
Link to post
Share on other sites
  • RMweb Gold
Geep7

Geep7

Posted
  • RMweb Gold
Posted

Definitely was the best thing to do Andy, and thank you for taking such prompt action.

 

At least it meant I could get on with some modelling yesterday without getting distracted.

Link to post
Share on other sites
JJGraphics

JJGraphics

Posted
Posted

Well done and thanks for your efforts. One good thing came about from it-I finally renewed my McAfee subscription.

 

 

Forget McAfee, do as Andy suggests and check your computer with the free version of Malwarebytes.

 

John

Link to post
Share on other sites
Robin2

Robin2

Posted
Posted

Good to see prompt action being taken. 

 

Also, its a relief to see Ukraine being blamed. I thought it may have been my fault because the day before I had said to myself that I have never seen any spam messages on this Forum :) 

 

 

...R

  • Like 1
Link to post
Share on other sites
JJGraphics

JJGraphics

Posted
Posted

Bit late now!

 

What does Malwarebytes do that McAfee doesn't?

 

 

Finds things that McAfee doesn't, is not a resource hog and its malware database is sometimes updated multiple times a day.

 

John

Link to post
Share on other sites
  • RMweb Gold
rodent279

rodent279

Posted
  • RMweb Gold
Posted (edited)

Finds things that McAfee doesn't, is not a resource hog and its malware database is sometimes updated multiple times a day.

 

 

John

Ok ta, I'll have a look into it.

Edited by rodent279
  • Like 2
Link to post
Share on other sites
  • RMweb Premium
PhilJ W

PhilJ W

Posted
  • RMweb Premium
Posted

Glad to see RMweb back. This Christmas I have had four phishing attempts, all of which went straight to my spam file, last year I had none. One in particular,  a ransomeware demand appeared to come from my own e-mail address claiming that they had control of my internet. However the passwords they claimed were mine I did not recognise and a quick check of the source revealed it was from Russia. I ran my computer security just to be sure and everything was in order.

Link to post
Share on other sites
Dick Turpin

Dick Turpin

Posted
Posted (edited)

I got a phishing pop up that wouldn't let me close it, with a red screen claiming to be a Microsoft critical alert, and asking me to call a phone number. 

 

I did think I'd got a virus for a moment, but Googling it quickly revealed what it was, and the fact that it only popped up if I clicked on RMWeb confirmed what was most likely wrong before the site went down. I did run Malwarebytes as a precaution, which found nothing and uninstalled a few programs I didn't recognise (checking what they were with Google first of course) and fingers crossed all is OK. 

 

Tempted to get rid of all the other bloatware, which as far as I'm aware does nothing but slow the PC down.

Edited by Dick Turpin
Link to post
Share on other sites
  • RMweb Premium
ELTEL

ELTEL

Posted
  • RMweb Premium
Posted

I would also like to offer my thanks to Andy for his quick response in dealing with the attack.

 

More importantly he kept us all informed in what was happening and a timescale of when it was likely to be back working.

 

I wish that major organisations would do the same in keeping people informed of what’s going on.

 

Andy enjoy the rest of your seasonal break.

 

Terry

Link to post
Share on other sites
  • RMweb Gold
Oldddudders

Oldddudders

Posted
  • RMweb Gold
Posted

I would also like to offer my thanks to Andy for his quick response in dealing with the attack.

He has been a particularly busy boy lately, it seems, with extra input required for the January BRM, so might have been hoping for a quiet festive season.

 

Let’s hope things quieten down a little.

  • Like 1
Link to post
Share on other sites
  • RMweb Premium
petethemole

petethemole

Posted
  • RMweb Premium
Posted

The

 

Thanks for spending your Saturday dealing with this, Andy, caught the updates. Expected site to be down until tmrw tbh.

 

Reckon those pesky Russians have discovered some model railway secrets near Salisbury?

 

The 2' 6" gauge strategic reserve at Dean Hill? I know they said it was all removed.....

  • Like 5
Link to post
Share on other sites
  • RMweb Gold
Ian Hargrave

Ian Hargrave

Posted
  • RMweb Gold
Posted

Thanks for spending your Saturday dealing with this, Andy, caught the updates. Expected site to be down until tmrw tbh.

 

Reckon those pesky Russians have discovered some model railway secrets near Salisbury?

Ukraine the apparent source of the hit.So not exactly what we might think.But wherever and whoever,Andy was onto it promptly and effectively.All our thanks and good wishes to him for that and for a stressless New Year.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...