Full Version: Latest Hacker/Virus attack ... Read This!
SirAndy
just in case you missed all the fun, the 914club website was down for almost a week after we had been hacked/hijacked and a so called "Trojan" virus was planted on our server.

the intention of the virus was to be spread to our members' computers to be able to gain control over as many computers as possible.

luckily, i catched it fairly quickly and shut down the site as a precaution while i was upgrading the system.

the system is once again virus free (for now) and hopefully stays that way.

if you are in doubt about your computer and you think you might have catched the virus, please, update your antivirus software to the latest version and do a full scan of your harddrive.

i'm sorry if this caused any of our members any trouble ...
beerchug.gif Andy
Joe Bob
I vote we blame it on Texas boy.....

Oh ya gud yob Ahhhndy.
Jeroen
booya! we're back

thanks for the good work Herr Andy!!!
have a rum-coke on me biggrin.gif
Trekkor
Glad to be back home.


KT
MoveQik
I just woke from a horrible dream! I had this repeating nightmare that every day for a week I woke up and tried to log on and all I got was a splash page. It was horrible!! Glad it was only a dream....

Thanks Andy! beerchug.gif
Gint
Damn! I was hoping for another week off!
DonTraver
Thanks for your hard work Andy, it's appreciated.

Don
dekman
Thank You! and all who helped........ clap56.gif
URY914
Andy you have done it again. THANK YOU.
0396
Thank you ..and those who initiated this virus - f OFF
Aaron Cox
andy- just for fun. past tense of catch is caught. tongue.gif


thanks for all your hard work boss!
grasshopper
grr...aaron said it before me! lol, just poking at you andy
grasshopper
P.S. I got it before you shut the club down, and if anyone else cares, it takes control of your virus protection(mine was norton) and it will shut it down. Luckily, we have to virus protection systems, so the other one caught it. It could get nasty quick, so I would recommend checkin it out.
sixnotfour
Good Job Andy
riverman
Thanks Andy. And thanks to all those who helped Andy, too. Life is much better when the 914Club is around.
jd74914
QUOTE(grasshopper @ May 16 2006, 09:13 PM) *

P.S. I got it before you shut the club down, and if anyone else cares, it takes control of your virus protection(mine was norton) and it will shut it down. Luckily, we have to virus protection systems, so the other one caught it. It could get nasty quick, so I would recommend checkin it out.



wouldn't that be TWO laugh.gif

thanks andy beer3.gif
drewvw

hot damn we're back! nice work as always andy beer3.gif
jimtab
Andy, thanks for everything...I, and many others owe you many drinks...we're not worthy.... smiley_notworthy.gif smiley_notworthy.gif smiley_notworthy.gif smiley_notworthy.gif smiley_notworthy.gif
pokey1168
QUOTE((*)(*) @ May 16 2006, 07:35 PM) *

I vote we blame it on Texas boy.....


Not all of us are so bad.....but most of us do have guns ar15.gif
914werke
Thanks Andy beer3.gif
bondo
Thanks again! boldblue.gif
ClayPerrine
QUOTE((*)(*) @ May 16 2006, 07:35 PM) *

I vote we blame it on Texas boy.....

Oh ya gud yob Ahhhndy.



finger.gif
mack914
Thanks for all the hard work... biggrin.gif
grantsfo
Great work Andy! Thanks!
Brad Roberts
Andy,

was it a name/password issue on the update page?


B
SirAndy
QUOTE(Brad Roberts @ May 16 2006, 07:13 PM) *

was it a name/password issue on the update page?

nope ...
Brett W
You Da Man. Thanks Andy.
Allan
Thanks Andy... jsharp.gif
Grimstead
Thank You Sir!
clap56.gif
drunk.gif
beer.gif
beerchug.gif
beer3.gif
boldblue.gif
piratenanner.gif
mueba.gif
rocking nana.gif
smiley_notworthy.gif
thumb3d.gif
pray.gif
markb
clap56.gif Thanks Andy!!
Gary
Andy, you rock. Thanks for all the hard work! piratenanner.gif piratenanner.gif
Mrs. K
QUOTE(Grimstead @ May 16 2006, 07:27 PM) *

Thank You Sir!
clap56.gif
drunk.gif
beer.gif
beerchug.gif
beer3.gif
boldblue.gif
piratenanner.gif
mueba.gif
rocking nana.gif
smiley_notworthy.gif
thumb3d.gif
pray.gif


thumb3d.gif thumb3d.gif thumb3d.gif
Exactly!
Thanks Andy! wub.gif

Lisa mrs.K.gif
Katmanken
mueba.gif mueba.gif mrs.K.gif aktion035.gif jsharp.gif mueba.gif clap56.gif clap56.gif clap56.gif aktion035.gif Yaaaaayyyyyyy!!!!!!!! piratenanner.gif piratenanner.gif drunk.gif

Sor Ahndie does it again.....

In honor of your hard work and diligence, little kitty wanted the change to my avatar... happy11.gif


Ken
Porsche Rescue
Andy, you and the site are appreciated.
mikelsr
Dude you rock!
9146R
Andy,
You R da-man....thanks for your tireless efforts on our behalf....much appreciated. Missed this site big time.
Greg
jonwatts
So far no Alpha so it looks like the patch is holding.

Thanks admin gang!
turboman808
It's about time, here I just got my car and got a million questions, then the site goes down biggrin.gif
MBowman325
Finally get 'round to getting another 914, come to the site, and it was down! smile.gif Glad it's back up!
bmcwilli
I've been running OSX on a powerbook for over 3 years. Nary a virus.

Apple just released an Intel Macbook for less than $1100. yes, it WILL run windows, and yes Windows on a mac is still insecure.

If you have no compelling reason that you MUST own a Wintel machine, check out the Mac.

rick 918-S
Pheeewww! I thought I was out o here for a month...
Scott Carlberg
Hey Andy,
why the FUCH are you apologizing? WTF.gif


Many have said it before me, many will say it AGAIN & AGAIN,

THANK YOU for ALL your hard work on this home, er, website! pray.gif pray.gif pray.gif
eg914
Not to be redundant (or repetitive) THANKS for all the hard work, this site is great!
ppickerell
I hit my bookmark 2-3 times a day during the shutdown. But after seeing das pelikanpost I desisted, then checked my IP against the felony list and was relieved to see that I was clean. Thanks for all of your efforts.
Midtowner
Thank you Andy! I really missed this place! clap56.gif clap56.gif clap56.gif
Andyrew
*twitches*

I'm

*twitch*

Recovering slowly from the site

*twitch*

being down..

Another week, and I would have died..

THANKS ANDY!!!!!!!!!!!!!!!!!!!!!*twitch*!!!!!!!!!!!!!!!!!!!
ThinAir
Did this thing have a name?
SirAndy
QUOTE(ThinAir914 @ May 16 2006, 11:47 PM) *

Did this thing have a name?


PHP Exploit called "r57 shell" ...
http://www.symantec.com/avcenter/venc/data...stbackdoor.html

BUT that's only the part that infected the *server* ...

the part that infected the members' computers is "Hacktool.IE.Exploit" ...


KMA.gif Andy
Brad Roberts
It was listed back in 05? I *thought* I saw Norton running on the machine? Did Norton catch it?

Can I upload the McAfee client that you can monitor from anywhere?


B
SirAndy
QUOTE(Brad Roberts @ May 17 2006, 12:26 AM) *

It was listed back in 05? I *thought* I saw Norton running on the machine? Did Norton catch it?
Can I upload the McAfee client that you can monitor from anywhere?

norton didn't catch it because there was nothing to catch (i'm talking about the server part here) ...
and McAfee would not have catched it either ...

the actual trojan that was downloaded to the members' machines is pretty old, it's been around for a while ...

brad, i just told you on the phone how they got into the server. did you hear me say anything about them planting a "file" ?

the anti-virus software on the server never catched it because there was nothing to catch. by the time the guy was done, all that was left was a *link* in the main index page of this BBS to a hacker owned server that automatically downloaded the 2nd part of the attack to whomever was looking at the index page ...

they only used our server as a "host"
and all they hosted was a *link* to the actual backdoor trojan that resides on their own server ...

does this make any sense?

*NO* amount of anti-virus software on the server would have prevented this, BUT up to date anti-virus software on the viewers part would have catched the trojan.
as it did on my machine. i actually had windows defender go berserk when i looked at the clubsite.
that's when i went and shut it down immediately ...

type.gif Andy
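
Because the only artifact left on the server was a reference in the index page, a file-scanning anti-virus has nothing to match, but the rendered page itself can be checked. The following is an added example, not part of the original thread or the forum's own code: it lists every resource the page makes a browser fetch automatically and flags any whose host is not on an allow-list. It assumes the injected reference was an auto-loading element such as an iframe or script (the thread only calls it a "link"); the host names and the sample page are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Tags a browser fetches without any click, and the attribute holding the URL.
AUTO_LOAD = {"script": "src", "iframe": "src", "frame": "src",
             "embed": "src", "object": "data", "img": "src"}


class _Collector(HTMLParser):
    """Records (tag, url, line) for every auto-loading element in a page."""

    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        attr = AUTO_LOAD.get(tag)
        if attr:
            url = dict(attrs).get(attr)
            if url:
                self.found.append((tag, url.strip(), self.getpos()[0]))


def find_foreign_loads(html, allowed_hosts):
    """Return (tag, url, line) for auto-loaded resources on hosts not allowed."""
    parser = _Collector()
    parser.feed(html)
    parser.close()
    allowed = {h.lower() for h in allowed_hosts}
    hits = []
    for tag, url, line in parser.found:
        host = urlsplit(url).hostname  # None for relative (same-site) URLs
        if host is not None and host not in allowed:
            hits.append((tag, url, line))
    return hits


# Constructed sample: a forum index page with one injected off-site frame.
SAMPLE_INDEX = """<html><body>
<img src="style_images/logo.gif">
<script src="http://forum.example/jscripts/global.js"></script>
<iframe src="http://attacker.example/x/"></iframe>
</body></html>"""

if __name__ == "__main__":
    for tag, url, line in find_foreign_loads(SAMPLE_INDEX, {"forum.example"}):
        print(f"line {line}: <{tag}> loads from unlisted host: {url}")
```

Run on a schedule against the page as served (not the template on disk), this catches a reference that was written into the database or a cached skin as well as one edited into a file.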