After more investigation, we've found that the Atlas Games website was indeed hacked, and malicious code inserted into our files. We've cleaned out the code, and disabled our forums, which we suspect was the point of entry. The forums will remain disabled until we can perform an upgrade to them next week. We're very sorry for the inconvenience.
This malicious code was designed to open up another site in the background of visitors' browsers, and download viruses to their computers. In particular, it seems that a "Trojan" virus has infected the computers of several of the users we've been working with on this. This Trojan is evading AVG, Norton Antivirus, and Windows Defender. However, Microsoft Windows Malicious Software Removal Tool and Windows Live OneCare are both able to identify and purge it.
So, to anyone having trouble I'd suggest you run one of those two programs on your system, and update your virus detector.
Again, we're very sorry for the trouble. Thanks for your patience everyone, and our special thanks to those who helped us ferret this out!
Subscribe to:
Post Comments (Atom)
Apparently we're not the only ones affected ... see http://tech.yahoo.com/news/pcworld/20090602/tc_pcworld/thousandsofwebsitesstungbymasshackingattack
ReplyDeleteWill this affect any of the posts/data stored on the board?
ReplyDeleteWe don't think it will.
ReplyDeleteRan a check with "Microsoft Windows Malicious Software Removal Tool" and apparently this virus could not infect my combination of Comodo Internet Security suite(which is freeware btw) and SeaMonkey browser(with standard security settings).
ReplyDeleteBut the darn MS tool shut down the firewall while scanning, stupid thing(so beware if you scan with it to be offline while doing so just in case).
Wish you luck fixing the site.
Was the Trojan "FakeAlert", by chance ? I run my antivirus after the warning about the Atlas site, and I found it in my system. If so, NOD32, too, seems able to ferret the virus out.
ReplyDeleteIt's called various things by different virus software. Trojan:VBS/Renos.A by Microsoft products, and VBS/FakeAlert-AB by McAfee, for example. See these links for more aliases ...
ReplyDeletehttp://www.threatexpert.com/threats/trojan-vbs-renos-a.html
http://www.threatexpert.com/threats/backdoor-win32-frauder.html