WinGovations under attack!


Anything goes - doesn't fit any other category!
  • Sponsored Links
Old Fogey
Posts: 724
Joined: Fri Oct 30, 2009 2:09 am
Location: Glasgow Scotland
Motorcycle: 1976 GL1000
1979 GL1000
Contact:

WinGovations under attack!

Postby Old Fogey » Fri Nov 28, 2014 5:17 am



DO NOT USE THE WINGOVATIONS SITE!

Ever since the hosting company had a Denial of Service attack a few days ago, I have had the site attacked every time I load the Wingovations site. So far, my anti-virus software has blocked everything (I think! But how can you be sure?) but today I even had the Firefox browser blocking a known attack site.

I have just sent a request to Moonfruit to take the site offline until they can find the problem. I'm 100% certain it's something on their servers. More info when I get it.


Image Image

'Impossible' is just a level of difficulty! The only stupid question is the one you didn't ask first!

User avatar
WingAdmin
Site Admin
Posts: 17050
Joined: Fri Oct 03, 2008 4:16 pm
Location: Strongsville, OH
Motorcycle: 2000 GL1500 SE
1982 GL1100A Aspencade (sold)
1989 PC800 (wife's!)
1998 XV250 Virago (sold)
2007 Aspen Sentry Trailer

Re: WinGovations under attack!

Postby WingAdmin » Fri Nov 28, 2014 1:20 pm

Old Fogey wrote:DO NOT USE THE WINGOVATIONS SITE!

Ever since the hosting company had a Denial of Service attack a few days ago, I have had the site attacked every time I load the Wingovations site. So far, my anti-virus software has blocked everything (I think! But how can you be sure?) but today I even had the Firefox browser blocking a known attack site.

I have just sent a request to Moonfruit to take the site offline until they can find the problem. I'm 100% certain it's something on their servers. More info when I get it.


I've had to deal with this type of attack before. The servers got infected with a trojan, and inserted malware into every page request served up by the web server. In my case I ended up having to re-image the server (i.e. wipe it and start from fresh). The guy who owned the server who turned to me for help was not pleased, but we got it back up and malware-free.

Old Fogey
Posts: 724
Joined: Fri Oct 30, 2009 2:09 am
Location: Glasgow Scotland
Motorcycle: 1976 GL1000
1979 GL1000
Contact:

Re: WinGovations under attack!

Postby Old Fogey » Fri Nov 28, 2014 6:05 pm

Thanks for the confirmation of my suspicions.
This only happens when I load WinGovations, never with anything else. So I'm sure that Moonfruit's servers(s) have been compromised during the attack on them. The odd thing is that it is different sites that attack me each time. Most times they have been flagged by Norton as malvertise sites, but that one today was a full on known attack site instantly blocked by Firefox. That is much more worrying.
Image Image

'Impossible' is just a level of difficulty! The only stupid question is the one you didn't ask first!

Old Fogey
Posts: 724
Joined: Fri Oct 30, 2009 2:09 am
Location: Glasgow Scotland
Motorcycle: 1976 GL1000
1979 GL1000
Contact:

Re: WinGovations under attack!

Postby Old Fogey » Fri Nov 28, 2014 6:15 pm

Confirmation that my customers are also getting attacked:

Dear John, Doug, and Company:

First, thanks for your good service. Urgent news--if you haven’t found out already, someone has tapped into your site as part of a p h is hing operation. How it works:
J and I were on the Wingovations site approximately one hour ago, and clicked on the button at the top to go to the “tech tips” page. When we did so, our Safari browser froze on a page with the address “geek-support.com” and a popup window with Safari logo appeared bearing the message: “Security Alert. Suspicious activity might have been detected. Call support immediately at 1-877-522-7559.”
I called the number and during the conversation with the support person there I became suspicious that it was NOT a legitimate Windows Safari support center. Disconnecting, I searched for Apple support and phoned them. I have just concluded talking to them and this is definitely a swindle to collect identity data (thankfully I didn’t give them any). Apple says that the swindlers attach these popups through certain sites, and yours appears to have been included.

I thought you should know. We’ll continue using your site though!
Best of luck,
M
Image Image

'Impossible' is just a level of difficulty! The only stupid question is the one you didn't ask first!

Old Fogey
Posts: 724
Joined: Fri Oct 30, 2009 2:09 am
Location: Glasgow Scotland
Motorcycle: 1976 GL1000
1979 GL1000
Contact:

Re: WinGovations under attack! NOW FIXED!

Postby Old Fogey » Mon Dec 01, 2014 2:19 pm

We think that the attacks have been stopped now. The techies at Moonfruit (the site hosts) found a bug in the site counter, which has now been removed taking the bug with it. We hope that is the end of it! But if anyone going to the site finds a problem, please let me know at once.


Image Image

'Impossible' is just a level of difficulty! The only stupid question is the one you didn't ask first!


Return to “Goldwing Chat”




Who is online

Users browsing this forum: Fiberthree, Google [Bot] and 2 guests