It has come to my attention that early this morning, September 27 2012, the server that AusChristmasLighting is hosted on has been compromised. A third party has gained access to the file system of this site to then modify JavaScript files that loads hidden frames to external websites. These external websites linked to as a result of the hacking have a chance of being malicious so it is recommended to run an antivirus scan.
These file modifications affected all areas of the AusChristmasLighting site - such as the forums, wiki, chat and video page. It was very much a "personalised" line of attack with separate files edited for each area of the site. The entire site has been reviewed and all known malicious code has been removed.
AusChristmasLighting security details have all been changed. It should be noted that user account details are not stored on the file system where the malicious file edits occured and passwords are encrypted before being stored.
The web host has been notified of the server breach and technicians are investigating possible causes of the breach. FTP logs have been reviewed but provide no clues. Investigations are continuing.
What Should You Do?
It would be recommended for anyone who accessed AusChristmasLighting within the past 24 hours to refresh any site pages (F5) to ensure the malicious code has not been cached on your computer. It is also recommended to run an antivirus scan on your computer, but this is just a precautionary measure. I do not know if the external sites were malicious but in the interests of security it is a good idea to assume they were. If you have not visited AusChristmasLighting in the past 24 hours then there should not be any cause for concern.
I would also recommend, for users of Mozilla Firefox, to consider running the NoScript addon. It is free and selectively allows you to "turn on" javascript code on a per-website (domain) basis. You will find this plugin at noscript.net - it is a great way to make web surfing safer. Not only that but it blocks some of the online advertising firms from tracking your computer too! I have personally used the addon for a long time as I value the added security it provides.
These file modifications affected all areas of the AusChristmasLighting site - such as the forums, wiki, chat and video page. It was very much a "personalised" line of attack with separate files edited for each area of the site. The entire site has been reviewed and all known malicious code has been removed.
AusChristmasLighting security details have all been changed. It should be noted that user account details are not stored on the file system where the malicious file edits occured and passwords are encrypted before being stored.
The web host has been notified of the server breach and technicians are investigating possible causes of the breach. FTP logs have been reviewed but provide no clues. Investigations are continuing.
What Should You Do?
It would be recommended for anyone who accessed AusChristmasLighting within the past 24 hours to refresh any site pages (F5) to ensure the malicious code has not been cached on your computer. It is also recommended to run an antivirus scan on your computer, but this is just a precautionary measure. I do not know if the external sites were malicious but in the interests of security it is a good idea to assume they were. If you have not visited AusChristmasLighting in the past 24 hours then there should not be any cause for concern.
I would also recommend, for users of Mozilla Firefox, to consider running the NoScript addon. It is free and selectively allows you to "turn on" javascript code on a per-website (domain) basis. You will find this plugin at noscript.net - it is a great way to make web surfing safer. Not only that but it blocks some of the online advertising firms from tracking your computer too! I have personally used the addon for a long time as I value the added security it provides.
