No announcement yet.

Too much Coffee Alert

  • Filter
  • Time
  • Show
Clear All
new posts

  • Too much Coffee Alert

    Hi All,
    I just got theis email. Not sure if others have been affected by this but I have not. Jst be careful

    Dear TMC Member,

    We regret to inform you that yesterday evening the TMC (Too Much Coffee)
    web site was attacked by an unknown hacker working from an internet
    address in North Carolina, USA. This is the first time in TMCs
    existence that the site has been successfully compromised as we treat
    the security of the site and its members as being of the utmost
    importance. Here follows a detailed account of the attack and the steps
    we have taken.

    The attacker utilised a newly discovered vulnerability in one of the
    software packages used on TMC, and many other internet forums, to
    perform an "SQL Injection" attack. This attack enabled the hacker to
    gain access to an administrators account and take the following actions:

    1. The hacker sent a malicious email, containing a link to trojan
    malware, to all members of the community.

    2. The hacker embedded two links to the above malware into the sites
    pages. One of these links was placed on the home page and another was
    placed in the title text of one of the forums.

    As soon as we became aware of these problems (well within an hour of the
    attack), TMC management immediately took the following actions:

    1. All administrative passwords were changed.

    2. The malware links were removed.

    3. A series of checks were run to identify if further links to malware
    had been placed in the sites pages.

    4. The authors of the software package were contacted to establish
    whether a patch was available to address this vulnerability.

    As a patch was not immediately available the TMC Site Administrator
    worked to identify the source of the vulnerability in the program. The
    vulnerability was found and a software patch (update) was created and
    applied. The TMC Site Administrator has made sure that this patch is
    effective in addressing the vulnerability, and has also made the patch
    available to all other sites running the same software (there are
    thousands of these) so that they may protect themselves against a
    similar attack.

    The TMC management would like to apologise to anyone that may have
    suffered because of this attack. We assure you that all possible efforts
    have been taken to identify and deal with the threat to our members, and
    that we remain alert to any new threats that might arise. A thread has
    also been created in the TMC "Site Announcements" forum to deal with any
    issues arising from this matter, including links to tools for removal
    and protection from malicious software. Please address any further
    concerns that you may have to us through this thread.

    With the very best wishes to all

    Phil - TMC Site Owner/ Administrator
    Dom and Mark - TMC Site Management

    (url removed)
    The European Coffee Resource

  • #2
    Re: Too much Coffee Alert

    Hey Lucinda,

    Youll be pleased to know that we had got a heads up on this and Andy confirmed that it is stopped by the YaBB software so we should experience no problems with this forum. Touch wood!


    • #3
      Re: Too much Coffee Alert

      Pretty rotten thing to do to a bunch of peaceful coffee drinkers.


      • #4
        Re: Too much Coffee Alert

        Yep Cindy,

        Theres no accounting for the weirdness of some people :-?