Their solution was to pare down sites in their database to eliminate those affected sites (for now). Unfortunate, but necessary solution.
As a point, I went to my own AD site (which is so unknown it's under every radar) and found those particular templates were insecure as anyone elses - so I changed their permissions... Exploits are exploits.
Article Dashboard Forum / Help I think my site has been hacked
On their official site, this additional notice:
Article Submmitter is using for submission articles directories developed using Article Dashboard script. For 2 days these article directories are under attack and some of them are even hacked or down ( see the threads from article dashboard forum ).
We have release a temporary update for the database which contains only a small part of the directories, the ones not affected. Please use the build in functionality from Article Submitter and click on UPDATE to get the last version of the database ( containing only 215 article directories until the problem is solved).And so I'll pare down my own list of sites (unregistering them) until this attack is resolved. Again - unfortunate.
But it will mean AD should come out with an improved version - as do all good open-source products. Or someone will replace them with a better (and still free) system.
WARNING: I found that some of these AD sites had been infected with viruses (which started my initial alert on this). So for now, while it seems this attack is innocuous, it is best to simply take out any infected site.
I updated my database with their list, but it looks like this scene is continuing to spread.
As noted earlier, the top-notch sites (not just the top-ranked) aren't being affected as their webmasters seem to be more on the ball. While I have sympathy with these sites that were affected (and their administrators), I can't spend time on sites that are still unavailable depending on whether Yahoo allows that GeoCities page to get enough bandwidth.
It's the same problem some sites have with people unable to set new accounts. While the site may run fine, if that administrator doesn't see that his/her site won't accept new customers, I can't give them any business.
So this will shake down my list of several hundred sites down to just a few very good ones - and hopefully the whole technique of article publishing doesn't suffer too much from this mess. (Boy, do I hope they find this jerk.)
No comments:
Post a Comment