Curious about the site attack

I must be on a few people's ignore lists, so I'll update my experience for the rest of you.

I DID click the red "X" to close the pop-up, I did NOT get any notification from AVG that anything malicious happened at the time.

I did four separate scans with Malwarebytes:
-Full scan of my primary drive first: NO infections
-Full scan of remaining "Trainz" Drives: NO infections
--Restart Computer--
-Quick scan: NO infections
--Used computer for many hours--
--AUTO Update to AVG this afternoon. Restarted Computer again--
-Quick scan entire system: NO infections.

Microsoft Internet Explorer 8, Win7 64bit, AVG Free, Malwarebytes Free.

I'm not a Microsoft "fanboy" by any means, I do use Google Chrome for some things like Facebook, where Chrome is a little more "open" to allow better functionality, but I suspect those not using IE8/9/10 are the ones having issues, because of how Chrome and Firefox handle incoming requests differently...allowing anything that is not explicitly forbidden.

As to the "context" of the Pop-up, my initial thoughts are that the attackers were going after Forums hosted by companies who sell products, inferring that the company is a "whore" for selling what they believe should be free...in our case, "Train games".
-As was pointed out to me by others, this Forum was NOT the only one attacked, so I do NOT think it was someone STRICTLY upset with N3V, but it still could have been someone who bought something and feels they got ripped off, or someone banned from the forums. You have to figure, if they got banned from here, they probably got banned from elsewhere too. (This is purely speculation).
 
This by far is only a small part of fighting malware. The other part is educating the end-users on how to be suspicious of odd behaviours, not to click on weird pop-ups, etc.

Another important part of fighting malware is for your company not to "cheap out" and get the lesser of the available anti-virus software (for which I will not name names). My former company "cheaped out" and the purchasing department (the folks who correspond outside the company most) got infected with a very old and completely avoidable virus that went out of style in 2002 (i.e. before the cheapo guys got into the business).

There is nothing wrong though about being paranoid when something like this happens.

I respectfully submit that this thread is increasing the risk of another attack. When the attackers revel in how much chatter they have stirred up here, they will select us again because we demonstrate how much we were affected. Vocalizing paranoia makes this worse.
 
Tracking as many as 27-37 tracking cookies is the norm for the everyday Forum login ... I remove cookies, delete and all my history, passwords, everything as many as 3 times per day, and scan using Norton, Malwarebytes, MS Security Essentials up to 3-4 times per week (overnight).
 
Another good safeguard is to set up your browser, whether IE, Chrome or Firefox, to "Block all 3rd party Cookies" and "Prompt user for 1st party Cookies", then also block "session cookies".

-If you do online banking, you may need to add your bank or CC company sites to an "exceptions" list for "session cookies", as you need "session cookies" to access their security protocols.

I ONLY allow cookies on my machine when I know I absolutely HAVE TO, such as the Forum, to remember my user name and password at login, or if I have a tall glass of milk.
 
Another important part of fighting malware is for your company not to "cheap out" and get the lesser of the available anti-virus software (for which I will not name names). My former company "cheaped out" and the purchasing department (the folks who correspond outside the company most) got infected with a very old and completely avoidable virus that went out of style in 2002 (i.e. before the cheapo guys got into the business).



I respectfully submit that this thread is increasing the risk of another attack. When the attackers revel in how much chatter they have stirred up here, they will select us again because we demonstrate how much we were affected. Vocalizing paranoia makes this worse.


Good point on the A/V. I worked for a big company that went cheap too. For us support staff, it was difficult to keep the systems clean as we faced 15-20 infections per day and then some after I left. I had a 95% success rate in the repair.

I wouldn't worry too much about the hackers. They are interested in the forum vulnerabilities which have been patched. In any event, we weren't the only ones hacked and with the same vulnerability.

John
 
Just throwing in my two cents, brand new laptop only a week old:
[Attached image: 75ta.jpg]
 
When I logged in, all I saw was an outline of the Forum. I never saw a popup and wouldn't have opened it if I did. That is usually a ticket to a virus or whatever. After running two different protection apps, everything showed clear.

Cheers

AJ

I saw the same outline when I visited the forum. However, I never automatically log in, but only do so when everything looks hunky-dory and I want to post something on a thread. If folks just clicked on this site without logging in first, to see what status it is showing, then they wouldn't have any nasties attacking their PC systems. Prevention is better than cure, just a thought......

Cheerz. ex-railwayman.
 
Just throwing in my two cents, brand new laptop only a week old:

Hi Scott,

That's too bad. Do you have any details on the bug?

Interestingly, my old company purchased a bunch of laptops from an OEM that came infected. I'll never forget that!

An overnight scan again showed nothing. I have some other tools to run to ensure definitely my machine is clean.

John
 
That's too bad. Do you have any details on the bug?

I didn't really pay attention to it other than to get rid of it. I got Trend Micro's Titanium IS for a year free with the purchase of the laptop- I haven't installed it yet, so I'll go further than Windows Defender for security, but it is just part of the learning curve being full-time in the PC world. It is one of the things I will miss from my relatively safe and cozy Mac world.
 
I didn't really pay attention to it other than to get rid of it. I got Trend Micro's Titanium IS for a year free with the purchase of the laptop- I haven't installed it yet, so I'll go further than Windows Defender for security, but it is just part of the learning curve being full-time in the PC world. It is one of the things I will miss from my relatively safe and cozy Mac world.

The relatively cozy Mac world is right. They get malware too as that platform is becoming popular. Remember the malware writers go for the biggest bang and annoyance so they'll go for the biggest market and the one that's worth writing for.

Unlike Apple, Microsoft publishes updates frequently. Whenever updates are offered, especially security updates, install them. In many cases you may have to reboot, but it's worth it in the end for security.

I highly recommend that you install the Trend. This is an excellent product which I've used for years.

John
 