US Airways Dividend Miles (Pre-2005 America West merger) - US Aviation forum compromised - VIRUS
May 26, 06, 8:03 am
Did anyone else get an email from US Aviation regarding "www.christianteenforums.com?"
It refers to "http://(XXX)traffmoney1.biz/dl/loadadv608.exe" and my virus blocker caught an "invasion attempt" from trafficmoney1 when I just opened US Aviation today???
US Aviation has since sent the following email:
Do not open any links on an email you received from US Aviation earlier today. It contains a link to a virus. Our site was compromised and someone sent a fraudulent email to our members. We apologize for the inconvenience, and are working to correct the problem.
May 26, 06, 8:06 am
The email showed up in my box. I read it (that should be OK, right)? It seemed rather bizarre, so I presumed they had been hacked.
May 26, 06, 8:10 am
Must be the work of __________ ? (fill in the name of your least fav exec) :D :D :D
May 26, 06, 8:46 am
My virus protection caught it just by trying to open US Aviation Forums. I didn't even have to open the email.
I suggest also that everyone who tried to open the forums dump their temp file folder in explorer as well.
I hope they fix it soon.
May 26, 06, 3:01 pm
I just opened US Aviation with no problems.
This announcement was posted:
A hacker with a Dutch IP Address and Russian email address registered on our boards at 4am this morning. He was able to find a loop hole in the forum system that allowed him to post a script that gave him ADMINISTRATOR access.
He changed the source code to the forum template and sent 7000+ emails to our members. We caught it at 730am this morning.
We banned his IP address, deleted his access, and shut down new member registrations. We removed the corrupt code and sent a Virus warning message to the 7000 members. The forum creators will be upgrading the software today with security patches to prevent this from happening again. Until that happens, new member registration will not be allowed.
This was an attempt to hijack traffic from our site.
My sincerest apology to those who have been inconvenienced by this intrusion.