WARNING! Other MJ Forums Hacked!

[BlueCheer]

Also when you run your Anti-Virus, like Zone Alarm, go into advanced settings and click on 'Deep Root Scan for every six months'...it scans every single file on your computer. When it comes to anti-virus and our hobby you're way better off purchasing a top brand Internet Security & Anti-Virus software. The weakest link in the chain will always get you. Why skimp on security to save $50. It makes no sense to me.

Cheer

 

[MotaHead]

Malwarebytes is the shit, the free version is good but you can run a trial complete version and clean your PC up real good.

I noticed BS right after going on RIU for a minute the other day - ran Malwarebytes - 4 Trojans and 2 Broken Opens. Not going back.

 

[MotaHead]

Hitman pro has removed rootkits for me that most other top av programs didnt even detect.

2nd that!

 

[SeaMaiden]

I'm fairly certain that any Windows user can burn a LiveCD of Ubuntu and view anything on the internet, as well as check email, using only that. Of course, because you're viewing and browsing via the software on the CD, nothing is cached, no passwords remembered or anything like that. This may or may not increase the tolerable level of the PITA factor, but it is quite safe and 'undoable' if you will.

Then, if you find you happen to like Ubuntu, you can consider partitioning your drive and making it a dual-boot machine (if you really really REALLY need Windows, that is), perhaps with a shared drive, and then you have the safe partition of Ubuntu, and the Windows partition, with a shared partition viewable and storable by both OSs on the other partitions.

 

[Ickis]

I don't think it was an infectious bug. It was a parasitic redirect that was hacked onto the site. It wasn't a worm or a virus to mess with home computers. That would not have helped them accomplish what they wanted to do. They wanted to make people aware of them and their cause. It was a political video called Nazi Banking.

Right off the bat all the Apple iMac and MacBook users are totally safe from any worm or viruses. There has never been a virus or a worm that caused problems for Apple. Seriously every once in awhile you here a humor there is one. But the fact is there never is.

So all my fellow mac users we can kick back and enjoy. I click on everything and anything. I have been an Apple guy since 1983 and that would be 29 years bug free. Hell even back in 1985 when I used Prodigy to get on the internet I never got anything and there were no firewalls or antivirus programs back then.

 

[catalyte]

^ i hope you are right!!

 

[Iraganji]

I'm fairly certain that any Windows user can burn a LiveCD of Ubuntu and view anything on the internet, as well as check email, using only that. Of course, because you're viewing and browsing via the software on the CD, nothing is cached, no passwords remembered or anything like that. This may or may not increase the tolerable level of the PITA factor, but it is quite safe and 'undoable' if you will.

Then, if you find you happen to like Ubuntu, you can consider partitioning your drive and making it a dual-boot machine (if you really really REALLY need Windows, that is), perhaps with a shared drive, and then you have the safe partition of Ubuntu, and the Windows partition, with a shared partition viewable and storable by both OSs on the other partitions.

Yes, and a great point. I used to make all my internet purchases with a Linux live CD. It is easier than many realize I think to download an Ubuntu ISO, burn it, and try it out without any worries of ruining your machine. For me it was the best thing I ever did to improve my computing experience. In time, I eventually did a full install, so now at boot, "grub" loads and lists all the os's that are on any of the hard drives and lets me choose which to boot. For some reason, 99.9 percent of the time, I boot Ubuntu.

 

[Skip]

I don't think it was an infectious bug. It was a parasitic redirect that was hacked onto the site. It wasn't a worm or a virus to mess with home computers. That would not have helped them accomplish what they wanted to do. They wanted to make people aware of them and their cause. It was a political video called Nazi Banking.

So you're saying it's Anonymous behind it and all they did was take you to an "innocent" video...

If you think that, you really don't how Anonymous works...

In fact, that is not what happened to me when I went to one of the sites...

 

[Han Grolo]

Thanks for the heads up Skip and for all your hard work keeping us safe.

I would just like to throw out my advocation for the firefox plugin No-Script. 4 pages deep, its surprising there hasn't been a mention of it yet. No-script puts all scripting on all websites on pause till you OK it to run, one time or always. Some might say it makes surfing a pain in the ass but hey so do viruses.

Check it out here:
http://noscript.net

And if you've already been backdoored so to speak from something nasty, Trendmicro's free housecall scanner has taken care of 99% of what Ive thrown at it in the past. The URL is http://housecall.trendmicro.com/


Stay safe everyone!

 

[Skip]

UPDATE 3/18: After reading the reactions and admin responses on these other websites to what happened, I feel compelled to provide even more info on the risks involved, because these admins are shirking their responsibilities and possibly putting people at risk.

Here are some facts for everyone to think about:
1. Many websites were hacked using the SQL database injection method over the past week (only a few sites were mj related). When successful, hackers can do most anything to the database, including copying or deleting data. In fact, one of the things they did was insert new text into thousands of recent postings on some of those sites.

2. Most people are assuming that Anonymous was behind the hack, some people are even sympathetic with their goals. Admins are saying NOT TO WORRY because Anonymous is cool and they didn't copy any data, all they did was redirect people to view a political video. However, that was not the same experience I had. On one site I got directed to a page that popped up my anti-virus warning me about the page. It wasn't the same page that other people got redirected to on other sites apparently.

And to make the assumption that Anonymous wouldn't release personal info into the public domain, is kinda strange, as that has been their M.O. for awhile now (esp. the splinter group, Lulzsec). I didn't watch the political video so I can't guess whether it was really anonymous or not behind the video and attacks.

Anonymous/Lulzsec/Anti-Sec seek to acquire enough personal info to hack into their accounts so they can release info on groups of people they target. I do agree that marijuana users in general would not be a logical target for them. Anonymous has always championed Free Speech, and attacked those who try to limit it. So I really don't think anyone need fear anonymous. But is that who is behind these attacks? I haven't seen any group take credit for it yet.

3. Other possibilities are that ppl were infected with a virus when they were taken to the redirected site (the reason why I've warned ppl to run a RootKit scan). That is the warning I got from my anti-virus which caught it. This would enable the hackers to take remote control of a victim's computer or read keystrokes to obtain passwords to accounts, esp. bank accounts and credit cards. If this were an Anonymous type of action, then they would just use your computer to attack other computers unless you are someone they've targeted.

4. I think the other admins should at least suggest their members change their passwords and do a full anti-virus scan.

No, imo, this was not about Anonymous. Perhaps that was just a cover. I'm leaning towards it being grey or black hats, looking to make some money, either thru extortion or theft of personal info. At this point the evidence I see points to that. But I have less info avail than the webmasters of these other hacked sites do, so keep that in mind.

 

[BlueCheer]

Well, it's a damn election year, and that's when all the crazy stuff always happens. Anything is possible at this point. For it to be government hackers, an election year would be their only motivation, imo.

Homeland Security is still wrapped up in spying on possible Terrorists. That's who they'd be hacking, ya know?

Thank You Skip for the update!

 

[Ickis]

Skip this site and every other site I go to be it a pot site or whatever doesn't have my real name or info so what are they going to find out?

Even on facebook I use a made up name, a made up birth date. I only go there to play farm Town. Plus I have a Mac. Nothing is going to happen to me or my computer. The worst thing that should potentially happen to anyone on these cannabis sites is you get a virus which even though a pain can easily be removed. Nobody is going to find out who you really are if you used fake names and info.

Hell when I first got this laptop it was for stealth surfing. I have a fake name entered as the user/owner on this computer.

There is no harm against warning people or helping them get their system tightened up. There is nothing special about this site over the others that prevented the hack though. They just didn't try on this site.

It is yesterday's news though. I heard it was some christian group.

 

[SeaMaiden]

Skip, at this point, seeing how one admin/owner of another site is treating members with questions, I have to agree with the first statement regarding shirking their responsibility.

I didn't experience anything like what you and others have reported, all I saw was a message saying they'd be back after a couple of days. No links, no videos, no links to videos. I assume that's to do with my OS, or, I wasn't paying close enough attention. But at this moment I have a fat, wiry hair laying right across my ass about how some site admins treat good, contributing members. Don't they realize that it's the MEMBERS that make the site, not the admin?

 

[wantaknow]

yes thanks skip ,unlike some around here ,u care ,well that will get this deleted too

 

[Goldminer]

Who cares shit happens just like any and every day, why do we all need to live in fear of everything , everyone and succumb to this bs.........if your worried about credit card and personal info, DONT USE IT ON YOUR COMPUTER, remember the good old days of picking up the phone and calling to make an order or what have you.....many of you depend on these tech gadgets and electronic junk WAY TOO FUCKING MUCH.....another reason I hate computers and technology.
It is a nice option to have these computers and the info found on the internet, but when this shit and these materialistic doo-dads and techy gadgets consume your livelihood and your personal security , than they are not a useful asset but a threat, but hey many of you depend on them and all they do, too bad, a pen, paper, and a land line worked for a long time, no reason it still couldnt!!!
Of course it is this 40 somethings personal opinion only, so say what you will it wont change me 1 bit!!!

 

[Skip]

There is NO PROBLEM if you do as I suggested. Run anti-virus and if it comes up positive, change your passwords. That's All you have to do to be safe.

So it's no big deal, UNLESS you don't know about it and don't check your computer's security. Then it could be a big deal.

And here is what I'm seeing... There were A NUMBER OF THINGS done to people during this attack. It wasn't just one thing. Different things happened to different people, apparently. Which likely means the real point of the attack is being obscured so people don't find the real attackers or their true motives.

I'm still of the opinion it's grey and black hats looking to make money.

So they're not after your grow nor are they gonna bust you.

 

[kmk420kali]

RIU and TF


You need a good (usually paid for) anti-virus to do a root-kit scan. It should be updated.

Dr Web is prolly the best free program out there, to my knowledge-- It covers everything, including root kits--
http://www.freedrweb.com/cureit/

 

[BlueCheer]

The Hackers just want our money, get in line! I hate people who break the line. They have no respect. Bastards...LOL

 

[Skip]

I didn't experience anything like what you and others have reported, all I saw was a message saying they'd be back after a couple of days. No links, no videos, no links to videos.

You were late to the party. The site was taken down earlier by the admins so they could change the software which was infected.

 

[serious6]

re: post #57

re: post #57

developed by RUSSIAN IT professionals - thanks bud, but no thanks. do you ever search? if has a spybot attached