Moho Forum

Just when I thought this server was safe, after I had notified Lost Marble of some random directory on his server (see here). I saw this afternoon (15:00 GMT) that the main LM website was apparently defaced.

Of course, I notified LM with a PM, but this is really alarming. How can someone from the outside get so much access to this server?

Uh...

Rasheed? Is this a danger to the forum? Could someone gain access to this database???!!!!

Good lord... I hope it's backed up.

p.s. I don't have a cell phone so I don't need any ringtones.

-vern

If the ringtone seller is smart, he doesn't mess with the forum, because this will get noticed quite soon. Now no-one, but for some geeks like me, visit the LM index page, this page was up for grabs, without anyone noticing.

However, this could just as well be a new start of spam attacks to the forum. I've seen a lot of bogus accounts coming by in the last months. They lay dormant until some spammer claims them to do his evil thing.

I don't know what's worse at the moment. Religious, theoretical rants... or ringtone ads?

I do like the look of the usher ringtone though

LM has answered my PM. For some reason the links didn't show up in his browser, but he is taking them down.

When I first checked out your warning the links didn't show in my browser either. But half the page was missing.

So I viewed the source code.

Apparently hackers are good with some stuff... but not good at writing compliant HTML. They really should use validation when defacing a web site.



-vern

Perhaps it is because I use FireFox and the NoScript extension (JavaScript disabled, unless I deem it to be a trusted site). IE has security zones, which is roughly the same. I wouldn't put the LM site in my list of trusted sites, because it has been hacked at least twice.