# Board Hacking, Redirection Issue



## Bob Hubbard (Sep 2, 2006)

There is a hole in one of the add-ons we use that was exploited to force a redirection of traffic from MartialTalk to a hacker site.  

That hole has now been patched.

I strongly advise all members who have visited in the last 1 hours to do a complete scan of their systems for spyware. Though I haven't found anyyet, I prefer to err on the side of caution here.

I will be performing additional checks and upgrades to various parts of the site all weekend to ensure all possible issues are resolved.

In this particular issue, no data was effected, nor any files. They basically exploited a loophole in how 1 plugin processes thread titles. That plugin is disabled.

I apologize for the inconvenience.


----------



## Lisa (Sep 2, 2006)

I just spoke to Bob via phone.  He asks that everyone clear their browser cache and cookies just as a precaution.

You can find instructions here.

Any problems doing this post them here and we will try and help you out.


----------



## Lisa (Sep 2, 2006)

Also found this in the FAQ


----------



## Lisa (Sep 2, 2006)

Bob has also posted this.


----------



## Kacey (Sep 2, 2006)

Thanks for the reminder, and the how-to's - I did run a virus scan (thankfully, negative), but had forgotten about cleaning out the cookies... there were some truly odd cookies in there, and I've now changed my cookie settings to keep some of them out in the future!


----------



## Brother John (Sep 2, 2006)

Thanks for:

Staying on your guard   
Being very responsive & proactive   
letting us know...
keep up the good work man. MT is the BEST!!


Your Brother
John


----------



## Jade Tigress (Sep 2, 2006)

I just scanned everything...it was clean.


----------



## Bob Hubbard (Sep 2, 2006)

Official notice:
Earlier today, hackers exploiting a hole in one of the plugins that are used with the vBulletin software began a large scale assault across the internet. Hundreds of boards including MartialTalk and the forum at Rustaz were effected.

FMAT and Kenpotalk were caught in time, and the NHBG runs different software so isn't at risk.

The hole has been patched on all boards with certain code now added to the filter, and the at-risk plugin is disabled at this time.

Additional security checks and upgrades will be performed as fast as humanly possible across all vB forums in the network.

The exploit was a simple redirection to another site. While we have not found any evidence of further damage, we do strongly suggest that you clear your browser cache, and do a complete spyware scan of your system, just to be safe.

Thank you
Bob Hubbard
President, SilverStar WebDesigns Inc.


----------



## Fu_Bag (Sep 2, 2006)

I would also just like to say:

1. Thank You for everythiing you do for the martial arts community  

2. Bob Hubbard Rules!!!

3. MT Rocks.  

4. The Geek shall inherit the Earth..........


Respectfully,

Fu Bag


----------

