Community > News, announcements & important notice

Injection attack

Today we received an e-mail reporting an injection attack to our community.

The malicious files have been removed.

A big thank you to the email author - someone who has done a very good investigative job.

What sort of injection? I take it they were attempting to get user data?
Glad it was caught, send my Thanks down the line.

Should my password be changed or is there nothing to worry about?

Thanks for the head up. Keep up the good work.
No it has nothing to do with user data.

The email content is bellow (some content removed ***):

--- Quote ---To the administrators of bitcoinforum,

Dear sir or madam

I received a spam email containing a link to your site.

Investigating the url ([your domain]/******), I found that the head of ******.html contains an http-equiv attribute that triggers a redirect a russian scammer-domain,

Further redirects leads the unsuspecting to one of several sites presenting the opportunity to join some kind of ponzi-scheme.

I hope you can remove the offending page and prevent further injection attacks on your community-site. If bitcoin advocates can't guarantee the security of their forums, how will they convince the world that bitcoin is a secure and viable currency!


--- End quote ---


[0] Message Index

It appears that you have not registered with Bitcoin Forum. To register, please click here...
Go to full version