malware attack through the orchid board?
 

I have had it happen twice now that when I've surfed to the orchid board that some sort of Java plug-in installation initiates itself and dumps malware onto my system...several trojans and a virus. I also end up getting some sort of cookie error display code coming from the board .php script that accompanies this.

The odd thing is that I'm using Firefox, which should be more secure.

The board admin(s) may want to investigate this further and see if there have been any known malware attacks/exploits that work through the phpBB software or through any of the advertising/banner sources used on this site.

Has anyone else seen this?

---Prem

Yes! I logged onto the orchidboard for the first time in a few weeks Sunday night and immediatley my computer went nuts...it dumped a bunch of trojans and a fake anti-virus system on to it. It was a real pain to get it all cleaned off.

I wasn't sure where it had come from, but if it's happening to other people, it should be looked into I think.

I've not had any problems, but I will alert Marty to this thread as he's the one with control of the servers.

Actually my virus checker has just picked up a trojon and the only think I'm browsing is OB.

I will send Marty the details from my virus checker log.

hmmm interesting - last week - ? I think it was - I too got notified of trojan horse a couple of times, and I had only been to a couple of usually safe sites, so if others have seen it, maybe something related to OB

Wow. Sure glad I use a Mac!

Sheesh...here comes the MacinCrap smugness...

If Macs get any more popular, you Mac users will become a target for the virus-writers as well. Think that the Mac OS is somehow innately bulletproof? Then you do not know the history of the Unix OS at the heart of MacOS. The only reason that there are few to no Mac viruses is that virus writers want to target the largest possible group of computers (Windows-based) for their nefarious deeds.

And considering that Macs don't have any sort of true anti-virus software (aside from the stealth anti-malware OS updates that came with the last OSX upgrade), the first Mac-specific virus will probably run completely rampant through the Mac community.

Thanks for posting this, Prem! I haven't seen any problems yet, but decided to run a scan just in case something got through. I use Window OS, too. Plus I love AOL (why, I don't know). I have the McAfee Security that comes with the ATT U-verse and it seems to do a good job of catching everything so far. At my house, we have a wireless network with 5 computers running almost constantly and we are all over the web. So, I have been lucky. (knock on wood)

I've seen the cookie error message, but I don't have java, and haven't seen the trojans or virus.

Well, I just accessed the board a minute ago and got some odd php script thing which tried to redirect to a malware site in India...my antivirus at home caught the redirect. In addition, it seems that having upgraded to the very latest version of Java seems to have prevented the attack plug-in installation from occurring.

Hopefully Marty can find the rogue php script before more damage is done.

---Prem