Notice of service for The Common Rail

It appears that The Common Rail, our community forum, has been hacked, and the website has been distributing various redirects to spam considered “low threat” by Sophos security software. If you have security software installed, you should get a message like “Malicious Content Blocked”, I got the following malware “Mal/Badscr-M” identified as the threat.

From my experimentation it appears to only affect user using Microsoft’s Internet Explorer browser. I use Firefox and never saw this issue; also tried Google Chrome and no issues there as well.

There is very little info to go on, it took me quite a while to put the piece together as to what is happening. Right now, I am in the process of figuring out a response and have disabled the forum area. It seems to have resulted from a security breach at my host company, Dreamhost.

As I am downloading the full content of the forum for analysis, Windows Security Essentials detected a backdoor virus in the Avatar folder (…and promptly deleted without giving me more info – arghhh).

I am sorry, especially to those who have been affected directly.

I am in contact with Dreamhost and phpBB to figure out a solution and I will hopefully be back online shortly.  – Martin, April 25, 2012, 10:00hrs EST

This article has 1 Comment

  1. 20:00 hrs EST – The servers were indeed infected, over 260 files were found damaged and have been repaired, others deleted. The site is back up and running and all appears normal, save for some design aspects when using Microsoft Internet Explorer.

    I will be upgrading the software so there may be some weird things going on over the next month.

    It seems the bonehead uploaded an Avatar that had malicious code in it, which also created a back door to the website – really sucks, I have no idea how much money, or what have you, can drive this type of behaviour.

    My wife thinks that the sign of a hacker targeting us is a sign of success, personally I think its so unfortunate that someone would be so smart and waste it on this type of foolish enterprise.

    Once again I apologize for the inconvenience this may have caused you. I would also suggest switching to Mozilla Firefox for your browser needs, as it is obviously a more robust program.

    – Martin

Leave a Reply

Your email address will not be published. Required fields are marked *