Sport Pilot Talk The discussion forum for Sport Pilots and Light Sport Aircraft   You are viewing the archive. Click on the "SportPilotTalk" logo on the left for the live forum! SPORTPILOTTALK SERVER HACKED, MALICIOUS CODE INSTALLED Click here to go to the original topic          Sport Pilot Talk Forum Index -> Hangar Talk View previous topic :: View next topic   Author Message admin Joined: 26 Jan 2006 Posts: 51 Location: Maryland Posted: Mon May 18, 2009 9:53 am    Post subject: SPORTPILOTTALK SERVER HACKED, MALICIOUS CODE INSTALLED   If you visited SportPilotTalk.com between the dates of May 16th through 18th you may have had malicious code installed on your PC. I just discovered and corrected the problem this morning. SportPilotTalk (and millions of other websites) run on open-source software. This is free software developed by a community of contributors. Because it is "open" this means that anyone can look at the programming code and see how it is built. Unfortunately hackers take advantage of this and try to find security holes for exploitation. Apparently hackers from China were able to inject malicious code into SportPilotTalk.com code through a security hole. Then, just by visiting a website, any visitor had malicious code installed on their machine (via Javascript, a common programming language that runs inside your browser). I believe that I have solved this problem by overwriting the infected files and changing the file attributes to "read only." This will prevent hackers from modifying the SportPilotTalk files again.. I was actually warned that SportPilotTalk.com contained malicious code by the new Google Chrome browser. If your browser did not warn you, I recommend trying Google's new browser. It is quite nice. I discovered that one hacked website installed an executable file on my PC in the following location: C:\WINDOWS . You can check your own PC as well (sort by date and look for anything with an .exe extension that was recently installed). Another nifty program that I use on my PC is called "Process Explorer." This free download from Microsoft shows all of the programs/processes running on your machine. If you see anything running on your machine that does not have a company name associated with it, it might be malicious. Process explorer lets you "kill" such programs or processes. If you find an .exe program in your WINDOWS directory you may not be able to delete if it is running. You can use Process Explorer to stop it, then you can delete it. http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx Email me if you need any assistance: geraldz@sportpilottalk.com Gerald Zuckerwar, Administrator Back to top            Sport Pilot Talk Forum Index -> Hangar Talk Page 1 of 1 Powered by phpBB Search Engine Indexer Powered by phpBB 2.0.22 © 2001, 2002 phpBB Group