Virus/malware on website!

you speak of personal info like you have uploaded you CC #'s, SSN, Address, Full name, DOB, Bank accounts, previous addresses, the names of your mother, father, and children. Chill the fuck out and smoke another joint dude. Your obviously not paranoid.

Scan your computer, remove the virus and MOVE ON. Problem solved? If you dont like the security here then move on to the next forum. No one is holding a gun to your head forcing you to stay here..
WOW! you are severely misinformed!!!!!!But hey go ahead dl that virus and move on while it watches and tracks every thing your pc does ignorance is the root of all evil.Hackers are so far ahead of the spyware software it's not even funny
It's also completely fucking ridiculous that we users are expected to have an anti-virus, but the webserver this website is hosted on doesn't even have one, what a joke. Since no admin or mod has considered messaging me for help on this issue, I will post it publically.

Back up the forum skin (only it's skin), back up the forum images (only the images). DO NOT BACKUP ANY .PHP FILES AS THEY MAY BE A SHELL (IE. Backdoor).

Back up the SQL database. Extract all backed up files to another machine, and run a virus scan on all files. Reformat the server this forum is hosted on, or atleast that partion if it's a VPS, reconfig the server (should be fast, it's just a simple webserver, I also recommend nginx or IIS if security is a concern, like here). Do a CLEAN install of the vbulletin (if the vbulletin is nulled/illegal, you can forget security, there is a reason people null/crack web software, and it's to have access to the websites using it (i.e hack them)). After you have done a clean install, replace the SQL database the clean install is using with the backup so it will restore all users, content, posts, ect. Then overwrite your images folder and replace the skin. Make sure a decent webserver anti-virus is installed such as Kaspersky Server, or if you are running a windows server, microsoft security essentials is just perfect.

Once all of this is complete, change SQL admin/db passwords, and then of course change them in the config.php of vbulletin. Next, make sure your read/write permissions are correct according to your web software (in this case, vbulletin). Make sure you are closing all ports as this site is only using port 80 to broadcast on, if you are secretly running an FTP server, make sure the password is complex enough so that a "hacker" will not gain access and upload a milicious file. Make sure anywhere a default password may of been used on your server that it is CHANGED (use capitals, lower case, letters, numbers AND special characters, you do NOT need to remember the password, simply paste it somewhere in a notepad file and write it down on a physical piece of paper -- to make it harder for hackers to brute force or use other means of getting in).

Add a cool-down to login attempts - meaning, make sure that if 3-4 invalid logins are made in let's say 5-10 minutes on the backend side (server/cpanel, ect) that the IP that made the invalid login attempts is blocked for atleast 15 minutes. Run a few scan tools such as acunetix or nexus on the webserver/site and make sure there are no vulnerabilities existing, such as sql injection, outdated software/os, windows updates, ect. And finally, add a connection limit such as 3-4 connections max PER IP. All of this will greatly reduce the surface area making it harder for hackers. The reason for deleting and doing a clean install is to remove any secondary backdoors the hacker may of left as the first one was discovered. Anyone who takes the time to hack a website will always leave a backdoor to get back in after being discovered, there is NO USE in removing the malicious code/file if you are going to use the same frame it was hacked on, don't be lazy - redo it.

People's credit card info, personal info, ect. are at risk and like I said the majority of people on this forum do use their credit cards to buy supplies/seeds online. Be smart about this, it's not something to be taken lightly. When people start noticing illegal changes on their account, new bank accounts being opened in their name/ssn, their paypals being hacked ect. and have to start making phone calls to these agencies to have their problems fixed it will be far too late. Snip it NOW

Not you mate... Your the only one here that is making sense. Ok, for real, Diablo 3. I'll respond to any other ignorance later.
Please go and re-read my posts. I never said there was no problem. I just don't think the sky is falling. People act like the site is the only one responsible for YOUR safety & security. I'll give you a few minutes to think about how assinine that is.;-)
As a former admin on a BIG weed site I feel for the admins here. This shit happens to EVERY site... especially weed sites. When you really need to worry is when the feds capture a bank of servers. Typically all hackers want from you is info that they can capitalize on... anything related to MONEY! Of course when the feds have servers... they are looking for personal identifiers to serve up as evidence in a court of law.

Folks need to give the admin and mods of this site a break, they know there is a problem and they WILL fix it.. I'm with the mods on this one... if you don't feel safe... GO SOMEWHERE ELSE harping on the mods won't solve anything.


ps: wonder how "donmagicjuan" feels now after asking how many sudafed pills it takes to make meth LMFAO!!!!
you cant it freezes the screen and DSCF0077.jpgDSCF0076.jpgthis message comes up i had to use my system image disc to roll back my computer! But it was fine after that:-(
go to accessories, system tools, system restore, go back a few weeks and it will go away.
is it me or has the site cours changed?

im bored now this was identifed as a problem in january but technology moves fast what gets blocked one day the hackers have worked around it the nesxt
so yeh it is rite give the MODS a break coz really its fuk all to do with them and they prolly wouldnt know what to do if it was hence them being a mod NOT a CODER or ADMIN

SO AGAIN has the colours changed or am i haveing a brain fart,
the url redirect seems to have gone or is that just me?

maybe your spyware or antvirus software mate lol u try and get into my system past my firewall and av haha i get a dodgy smelling fart through my network it gets regected lol
Sites fine now. They were temporarily dropped from the top of google, now they're back and no reports. Thanks for taking care of it quick.
My bullshit meter is ringing on this one. I'm sure there's a little truth in there somewhere, but my instincts tell me this is over exaggerated, stretched garbage. :sad:
Did you know that the local police detectives can put you on there payroll as a paid informant and they will let you grow and sell without any problems from them? ISNT THAT FUCKING FUNNY! So dont think a dealer is is safe or a grower isnt just as bad as a cop. They're even worse! I bet a bunch of members here are Narks. Who Cares. Fuck em. Got my ip addy? Good! See Ya Soon.
True! Happened to my bro, his best friend turned narc. Not so funny when they showed up in hazmat suits at his house all sorts of stuff missing besides grow equip too (cash, collectibles)... Narcs and thieves all rolled into one. Talk about licensed to ill!
It's also completely fucking ridiculous that we users are expected to have an anti-virus

We came under a very focused attack from two other "growing" sites. It's no secret that there are a lot of losers that want to take us down, trolls whose egos are much more important than thousands of members here. I can assure you that the admin is doing all he can to keep things safe. It's not like a hacker sends out a warning message and the software for this site is known to not be that great, but it is what it is. At least you can be sure that our servers are in a safe place, beyond the reach of the U.S. government - unlike other sites like Ass City or MJsmokers.
Where did I state that I didn't think I needed one? One thing about quoting another individual, especially in a text based environment like the internet is that the unwritten is YOU HAVE TO QUOTE MY ENTIRE TEXT. You quoted a piece of a line, and make unbased and unfounded speculations about me. I made this thread to inform people. I made this thread because my anti virus detected the malicious code. I made this thread because I am a web security expert and have several years of experience in the field.

Hop off my dick. If you read the thread, you would realize how far out there and mentally undeveloped you sound. Secondly, it is ILLEGAL to have MALICIOUS CODE/SOFTWARE on a webserver of anything, completely 100% illegal. This website was breaking the law when it allowed the fault to be present for more then 12 hours.

We came under a very focused attack from two other "growing" sites. It's no secret that there are a lot of losers that want to take us down, trolls whose egos are much more important than thousands of members here. I can assure you that the admin is doing all he can to keep things safe. It's not like a hacker sends out a warning message and the software for this site is known to not be that great, but it is what it is. At least you can be sure that our servers are in a safe place, beyond the reach of the U.S. government - unlike other sites like Ass City or MJsmokers.

Speaking of MJsmokers, those kids keep sending me pm's to join their forum lol
Well GC has been down all day. Been doing Google searches and their link just doesn't load.
Fine, I'll find my info on PL-L bare fixtures and bulbs (DIY?) somewhere else (like here)!
My bullshit meter is ringing on this one. I'm sure there's a little truth in there somewhere, but my instincts tell me this is over exaggerated, stretched garbage. :sad:
Anyone who knows me knows I speak truth even if it offends someone or gets me in trouble. Like I said... I just dont give a fuck what other people think. So what parts of what I said do you think is bullshit? I dont write something as a lie. Look at my past posts and you will see this is the first time Ive said anything like this. Im all about serious business. Please multiquote what I wrote that you think is bullshit and I will be totally honest to the story behind what you think is bullshit. K?
My bullshit meter is ringing on this one. I'm sure there's a little truth in there somewhere, but my instincts tell me this is over exaggerated, stretched garbage. :sad:

HAHAHA!!! No kidding bro! That little after school special make believe story had me lmfao!! :lol: :clap:
I got black suburbans driving up my street..they watchin me.....i sell right in front of the white house, dea headquaters and the cia and they look the other way!! Maybe switch to the indica strains bro...maybe a little less imagination station and more chiiillll 8-)
Just to be clear bro, ur saying because u say it, that makes it gospel?? I call buuuucht, sorry......but, it is a very entertaining story though! Gooood stuff :clap: