Tweet
Hi All,
I just got theis email. Not sure if others have been affected by this but I have not. Jst be careful
Dear TMC Member,
We regret to inform you that yesterday evening the TMC (Too Much Coffee)
web site was attacked by an unknown hacker working from an internet
address in North Carolina, USA. This is the first time in TMCs
existence that the site has been successfully compromised as we treat
the security of the site and its members as being of the utmost
importance. Here follows a detailed account of the attack and the steps
we have taken.
The attacker utilised a newly discovered vulnerability in one of the
software packages used on TMC, and many other internet forums, to
perform an "SQL Injection" attack. This attack enabled the hacker to
gain access to an administrators account and take the following actions:
1. The hacker sent a malicious email, containing a link to trojan
malware, to all members of the community.
2. The hacker embedded two links to the above malware into the sites
pages. One of these links was placed on the home page and another was
placed in the title text of one of the forums.
As soon as we became aware of these problems (well within an hour of the
attack), TMC management immediately took the following actions:
1. All administrative passwords were changed.
2. The malware links were removed.
3. A series of checks were run to identify if further links to malware
had been placed in the sites pages.
4. The authors of the software package were contacted to establish
whether a patch was available to address this vulnerability.
As a patch was not immediately available the TMC Site Administrator
worked to identify the source of the vulnerability in the program. The
vulnerability was found and a software patch (update) was created and
applied. The TMC Site Administrator has made sure that this patch is
effective in addressing the vulnerability, and has also made the patch
available to all other sites running the same software (there are
thousands of these) so that they may protect themselves against a
similar attack.
The TMC management would like to apologise to anyone that may have
suffered because of this attack. We assure you that all possible efforts
have been taken to identify and deal with the threat to our members, and
that we remain alert to any new threats that might arise. A thread has
also been created in the TMC "Site Announcements" forum to deal with any
issues arising from this matter, including links to tools for removal
and protection from malicious software. Please address any further
concerns that you may have to us through this thread.
With the very best wishes to all
Phil - TMC Site Owner/ Administrator
Dom and Mark - TMC Site Management
--
(url removed)
The European Coffee Resource
I just got theis email. Not sure if others have been affected by this but I have not. Jst be careful
Dear TMC Member,
We regret to inform you that yesterday evening the TMC (Too Much Coffee)
web site was attacked by an unknown hacker working from an internet
address in North Carolina, USA. This is the first time in TMCs
existence that the site has been successfully compromised as we treat
the security of the site and its members as being of the utmost
importance. Here follows a detailed account of the attack and the steps
we have taken.
The attacker utilised a newly discovered vulnerability in one of the
software packages used on TMC, and many other internet forums, to
perform an "SQL Injection" attack. This attack enabled the hacker to
gain access to an administrators account and take the following actions:
1. The hacker sent a malicious email, containing a link to trojan
malware, to all members of the community.
2. The hacker embedded two links to the above malware into the sites
pages. One of these links was placed on the home page and another was
placed in the title text of one of the forums.
As soon as we became aware of these problems (well within an hour of the
attack), TMC management immediately took the following actions:
1. All administrative passwords were changed.
2. The malware links were removed.
3. A series of checks were run to identify if further links to malware
had been placed in the sites pages.
4. The authors of the software package were contacted to establish
whether a patch was available to address this vulnerability.
As a patch was not immediately available the TMC Site Administrator
worked to identify the source of the vulnerability in the program. The
vulnerability was found and a software patch (update) was created and
applied. The TMC Site Administrator has made sure that this patch is
effective in addressing the vulnerability, and has also made the patch
available to all other sites running the same software (there are
thousands of these) so that they may protect themselves against a
similar attack.
The TMC management would like to apologise to anyone that may have
suffered because of this attack. We assure you that all possible efforts
have been taken to identify and deal with the threat to our members, and
that we remain alert to any new threats that might arise. A thread has
also been created in the TMC "Site Announcements" forum to deal with any
issues arising from this matter, including links to tools for removal
and protection from malicious software. Please address any further
concerns that you may have to us through this thread.
With the very best wishes to all
Phil - TMC Site Owner/ Administrator
Dom and Mark - TMC Site Management
--
(url removed)
The European Coffee Resource
Comment