NAM Site Blocked as "ATTACK PAGE"

Discussion in 'MINI' started by goaljnky, Oct 10, 2010.

  1. goaljnky

    goaljnky New Member

    Apr 7, 2009
    3,105
    392
    0
    LaLaLand, Left Coast, Overpopulated and Underfunde
    Ratings:
    +392 / 0 / -0
    And things like this will not help them any:
     

    Attached Files:

  2. lotsie

    lotsie Club Coordinator

    May 5, 2009
    3,924
    400
    83
    stagehand/part time detailer
    Right here
    Ratings:
    +400 / 0 / -0
    [​IMG]
    I'm getting the same thing, not that I'm welcome there.

    Mark
     
  3. PGT

    PGT Wheel Whore

    May 4, 2009
    781
    7
    18
    Federal Gov Contracting
    Leesburg VA
    Ratings:
    +7 / 0 / -0
    AWESOME!!!! :devil:
     
  4. Dwight

    Dwight Racing with the Gods
    Lifetime Supporter

    Jul 7, 2009
    329
    12
    0
    RETIRED!!
    San Marcos, Calif.
    Ratings:
    +12 / 0 / -0
    This is probably old news by now, but yesterday all the browsers except IE blocked the NAM site as an Attack Page! It's still blocked today. :rolleyes:
     
  5. Rally

    Rally New Member
    Motoring Alliance Founding Sponsor

    May 5, 2009
    600
    49
    0
    Ohio
    Ratings:
    +49 / 0 / -0
    Pretty ironic because a friend of mine was recently banned from NAM because one of their moderators deemed that a link he posted could be potentially malicious to other members' computers. Now the whole forum is malicious. Time for the forum to ban itself. :lol:
     
  6. Dwight

    Dwight Racing with the Gods
    Lifetime Supporter

    Jul 7, 2009
    329
    12
    0
    RETIRED!!
    San Marcos, Calif.
    Ratings:
    +12 / 0 / -0
    #7 Dwight, Oct 10, 2010
    Last edited: Oct 10, 2010

    LMAO!! You ain't wrong about that. There are a number of folks on that site that could use some serious "attitude adjustment"! :eek:ut:
     
  7. Metalman

    Metalman Well-Known Member
    Lifetime Supporter

    Sep 29, 2009
    12,549
    7,423
    113
    Owner of a small custom metal fabrication company,
    Columbus, Ohio
    Ratings:
    +7,435 / 0 / -0
    Wow.....
    Wouldn't think all the vendors over there would be too happy about this. Not getting their advertisement monies worth if prospective customers are being warned to stay away.:frown2:
     
  8. ZippyNH

    ZippyNH New Member

    Jan 25, 2010
    1,404
    686
    0
    Pilot
    Southern NH
    Ratings:
    +686 / 0 / -0
    Still blocked!!
    I guess using a very old platform has finely bitten them in the butt!! I bet they got hacked!! The more info page shows the domains where the files come from....apparently self installing.....
     
  9. YeloMini

    YeloMini Member

    Jul 7, 2009
    234
    8
    18
    Ratings:
    +8 / 0 / -0
    I've seen this for over a month now. Started with just google searches showing a warning in their results and then like everyone else yesterday the whole red page warning.
     
  10. Way Motor Works

    Way Motor Works New Member

    May 4, 2009
    1,169
    205
    0
    MINI Tuner
    Atlanta
    Ratings:
    +205 / 0 / -0
    Got the same message last night and today
     
  11. Nathan

    Nathan Founder

    Mar 30, 2009
    25,144
    10,031
    113
    Writer
    Short North
    Ratings:
    +10,048 / 0 / -0
    FYI, M/A had the same issue about 2 weeks ago. The difference is that I caught it, cleaned it and protected against it happening again before Google had a chance to list M/A as infected. Just another difference between a big corp owned site and one owned and run by a team of dedicated MINI owners.
     
  12. PGT

    PGT Wheel Whore

    May 4, 2009
    781
    7
    18
    Federal Gov Contracting
    Leesburg VA
    Ratings:
    +7 / 0 / -0
    what was the issue? malware installed on the backend servers?
     
  13. rkw

    rkw Well-Known Member

    May 7, 2009
    1,253
    442
    83
    San Francisco
    Ratings:
    +448 / 0 / -0
    The funny thing is, they (Internet Brands) owns that platform (vBulletin).
     
  14. Nathan

    Nathan Founder

    Mar 30, 2009
    25,144
    10,031
    113
    Writer
    Short North
    Ratings:
    +10,048 / 0 / -0
    In a nutshell a bit of code is injected into a global_start that redirects to a malicious site when a user attempt to visit the site via a Google search.

    When a user searches something such as MINI Forums and the results include the infected site when the link is clicked on the user is redirected. However, if the user then closes that redirect and then clicks the link again the user is directed to the proper site.

    Cleanup is easy but time consuming. One needs to run a query on certain tables in the db then clean out each entry.

    From a search on how to fix when M/A was first infected this was first reported about the end of February. It was first reported here in late May where it was cleaned and life went on for a time. Got hit again on Sept 29. However by the time the second instance was found the method of blocking the intrusion was developed. A subscription to a service that monitors the M/A server was also added. The site is now scanned twice daily for unauthorized intrusions.

    This issue has been quite widespread on sites using vBulletin 3.7 and 3.8 variants.
     
  15. ZippyNH

    ZippyNH New Member

    Jan 25, 2010
    1,404
    686
    0
    Pilot
    Southern NH
    Ratings:
    +686 / 0 / -0
    You should ask for a break on you $$$...in the form of a discount or a free month or so....
    You are loosing out on tons of page views....and the goodwill from your previous posts during a prime posting period!!
     
  16. PGT

    PGT Wheel Whore

    May 4, 2009
    781
    7
    18
    Federal Gov Contracting
    Leesburg VA
    Ratings:
    +7 / 0 / -0
    thus, the irony
     
  17. Metalman

    Metalman Well-Known Member
    Lifetime Supporter

    Sep 29, 2009
    12,549
    7,423
    113
    Owner of a small custom metal fabrication company,
    Columbus, Ohio
    Ratings:
    +7,435 / 0 / -0
    Good job Nathan:Thumbsup:
     
  18. goaljnky

    goaljnky New Member

    Apr 7, 2009
    3,105
    392
    0
    LaLaLand, Left Coast, Overpopulated and Underfunde
    Ratings:
    +392 / 0 / -0
    Looks even worse now. Was getting before on some of the sub pages, but now it's the home page.
     
  19. ZippyNH

    ZippyNH New Member

    Jan 25, 2010
    1,404
    686
    0
    Pilot
    Southern NH
    Ratings:
    +686 / 0 / -0
    +1
    :Thumbsup:

    I guess the legal department in INDIA must be making a letter at NAM that will be OK'ed by the tech department in Pakistan once it is all cleaned up. They have said VERY little on the site....
    You would think they would say something!!
    I guess Nathan just proved that you don't mess with Texas!! He kicked the hacker butts!! :cornut:
    Nam....well....er...got it butt kicked!!:lol:
     

Share This Page