Filmspotting Forum
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email
?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
News:
Guests, welcome! Please introduce yourself
Home
Help
Chat
Calendar
Login
Register
Filmspotting Forum
»
Filmspotting Message Boards
»
Comments/Suggestions
»
website being compromised
« previous
next »
Print
Pages: [
1
]
Author
Topic: website being compromised (Read 2940 times)
dassix
Junior Member
Posts: 58
website being compromised
«
on:
February 22, 2017, 11:45:35 AM »
I messaged Saltine, but I also wanted to post something out there for other users to see as well (I cannot create in the announcement thread).
When visiting the filmspotting.net today 12:15 PM EST, the text was not legible and shortly after navigating to the website received a popup from "Google Chrome" informing me that the browser cannot display the fonts and I needed to download a font pack. The file was named "GoogleChromeFontPack".
This file is maclicious -
NO NOT DOWNLOAD - DO NOT INSTALL
According to various security sites, this is a new Chrome malware vector. Receiving this prompt upon visiting a website, implies the website has been compromised in some manner.
https://thenextweb.com/security/2017/02/21/chrome-missing-font-hack-malware/#.tnw_Mgt6eLAk
https://www.bleepingcomputer.com/news/security/fake-chrome-font-pack-update-alerts-infecting-visitors-with-spora-ransomware/
The hack appears to be a JavaScript injection. I am somewhat new here, and thus do not know who manages the actual site or hosting - please forward this information to the appropriate person.
«
Last Edit: February 22, 2017, 12:19:04 PM by dassix
»
Logged
DarkeningHumour
Objectively Awesome
Posts: 10453
When not sure if sarcasm look at username.
Re: website being compromised
«
Reply #1 on:
February 22, 2017, 01:15:33 PM »
Thanks for the heads up.
Logged
« Society is dumb. Art is everything. » - Junior
https://pretensiouslyyours.wordpress.com/
saltine
Administrator
Godfather
Posts: 9800
Re: website being compromised
«
Reply #2 on:
February 22, 2017, 03:11:21 PM »
Thank you, dassix. I forwarded to Adam. I also saw that "GoogleChromeFontPack" download on the site yesterday, but only once as I go to the site dozens of time a day.
We'll see what Adam says...
Logged
Texan Down Under
dassix
Junior Member
Posts: 58
Re: website being compromised
«
Reply #3 on:
February 22, 2017, 04:47:12 PM »
I was able to replicate it 3 other times at work on VMs. It does seem to be sporadic, as it took sometimes several attempts to trigger it. I must have good luck, because when I got home from work, it happened instantly
«
Last Edit: February 22, 2017, 04:56:29 PM by dassix
»
Logged
saltine
Administrator
Godfather
Posts: 9800
Re: website being compromised
«
Reply #4 on:
February 22, 2017, 05:06:29 PM »
That is what I saw. I closed the tab and tried again and it was not there.
Logged
Texan Down Under
Slacker
Junior Member
Posts: 19
Re: website being compromised
«
Reply #5 on:
March 29, 2017, 10:25:21 AM »
I just had this happen. Chrome, Windows 7.
Logged
Slacker
Junior Member
Posts: 19
Re: website being compromised
«
Reply #6 on:
March 29, 2017, 10:33:34 AM »
I restarted chrome, went back and it happened again.
Logged
Adam
Administrator
Elite Member
Posts: 4572
Re: website being compromised
«
Reply #7 on:
April 26, 2017, 08:19:34 PM »
Well, website compromises shouldn't be an issue anymore...
Logged
Follow Filmspotting on Twitter at
http://twitter.com/filmspotting
Listen to Filmspotting at
https://www.filmspotting.net/
and on Chicago Public Radio (91.5 FM)
1SO
FAB
Objectively Awesome
Posts: 36128
Marathon Man
Re: website being compromised
«
Reply #8 on:
April 26, 2017, 08:33:38 PM »
Will billing be based on Number of Posts or Most Time Online? (Either way, I'm going to have to pay in installments.)
Fantastic news!
Logged
Essentials
Horror/Thriller 1000
Print
Pages: [
1
]
« previous
next »
Filmspotting Forum
»
Filmspotting Message Boards
»
Comments/Suggestions
»
website being compromised