Larian Banner
Previous Thread
Next Thread
Print Thread
#650494 17/10/18 08:38 PM
Joined: Sep 2017
L
lamp Offline OP
stranger
OP Offline
stranger
L
Joined: Sep 2017
Hello your forums are compromised.

http://larian.com/forums/images/icons/default/exclamation.gif

This file in particular.

****************** Sophos Anti-Virus Log - 10/17/2018 8:37:30 PM **************


20181017 203349 Blocked web request to "larian.com/forums/images/icons/default/exclamation.gif" (linked from "larian.com/forums/ubbthreads.php") for user 'Mal/HTMLGen-A' has been found at this website, reference ID 98185450.
20181017 203520 Blocked web request to "larian.com/forums/images/icons/default/exclamation.gif" for user . 'Mal/HTMLGen-A' has been found at this website, reference ID 98185450.
20181017 203625 Blocked web request to "larian.com/forums/images/icons/default/exclamation.gif" (linked from "larian.com/forums/ubbthreads.php") for user 'Mal/HTMLGen-A' has been found at this website, reference ID 98185450.
(11 items)

Joined: Sep 2016
stranger
Offline
stranger
Joined: Sep 2016
I got a popup today taking me to one of those "You've won a free gift card!" pages.

Not sure if it's this site as you mention, or another site that might have a bad embedded advert.

Joined: May 2017
enthusiast
Offline
enthusiast
Joined: May 2017
I had the same issue a few minutes ago, when middle-clicking anywhere on the side:

[Linked Image]

Seems it's all cleared up now though?

Joined: Sep 2016
stranger
Offline
stranger
Joined: Sep 2016
Larian, pay your forum admin so they can update UBB software to remove the XSS vulnerabilities, plz.

AND MAYBE BUY A DAMNED HTTPS CERTIFICATE. It's 2018, no one should be running an insecure website, least of all a major software company.

Last edited by DuchessOfKvetch; 18/10/18 10:26 PM.
Joined: May 2010
Duchess of Gorgombert
Offline
Duchess of Gorgombert
Joined: May 2010
There's also a potential problem with a dubious-looking script; last I heard it was being looked into but I'm afraid not having admin privileges I can't do anything about it myself. frown I would recommend everybody uses NoScript if they don't already though.


J'aime le fromage.
Joined: Sep 2018
E
stranger
Offline
stranger
E
Joined: Sep 2018
Hello, I just opened the forum and got that popup, so I don't think it's been fixed.

Joined: Jan 2009
veteran
Offline
veteran
Joined: Jan 2009
Originally Posted by DuchessOfKvetch
I got a popup today taking me to one of those "You've won a free gift card!" pages.

Not sure if it's this site as you mention, or another site that might have a bad embedded advert.


Yep, I got something like that when clicking on a "go to last post button". It started doing a redirect to some site so I closed it immediately. The malicious address is gs.artltoken

Logging out of the forum until this is fixed.

Joined: Jan 2018
C
apprentice
Offline
apprentice
C
Joined: Jan 2018
Looks like the web site or forum had problem. I was redirected to another website for about three times after clicking the links in this forum.

Joined: Mar 2003
Larian Studios
Offline
Larian Studios
Joined: Mar 2003

EDIT: This is in the process of being fixed...

Last edited by Raze; 21/10/18 08:36 PM.
Joined: Mar 2003
Larian Studios
Offline
Larian Studios
Joined: Mar 2003

This should be fixed now. Please report any further issues.

Joined: Dec 2003
old hand
Offline
old hand
Joined: Dec 2003
Removed the bad guys. Updated larian.com site engine and plugins. Upgraded forum software to 7.6.2 as well. Sorry for taking so long.


Tweeting @forktong

Moderated by  Larian_QA, Lar_q, Lynn, Macbeth, Raze 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.5