Autopia.org bad for you?

FWIW it's "kinda" back up. The site is throwing errors at the moment. I also can't vouch for it being virus free. So check at your own discretion.

It's also interesting that their statistics now show they are hosting on LIQUIDWEB (same as AGO and DC).

Google Safe Browsing diagnostic page for autopia.org

Their present IP is indeed a liquidweb IP. Looks like they are moving from mediatemple.
 
Shoutbox is MIA. Giving some script errors in the header.


Edit: Shoutbox is back.
 
Ha! FWIW, I really doubt it's still infected if LW allowed it onto their network willingly. Looks like the database and forum software are still a bit wonky though based on how the page loads.
 
Shiny Lil Detlr said:
Ha! FWIW, I really doubt it's still infected if LW allowed it onto their network willingly. Looks like the database and forum software are still a bit wonky though based on how the page loads.
Click to expand...

The thing is, the pages aren't infected.. it's merely linking to something ELSE that causes the infection. LiquidWEB has no way to scan for this proactively AFAIK.

The code looks clean. (I saw the forum code the day the virus took hold) and the stuff that was questionable is no longer there.

So now it's a matter of keeping it from happening again and getting google to remove those warnings so that you can visit without that popup screen. I don't know how long that takes, but the diagnostic page seems to indicate it tracks for the last 90 days, so it could (in theory) be 3 months before those warnings drop off .
 
it loads weird on firefox, but in IE it loads "better" not at all correct mind you....

dont know if I trust that site...
 
bwalker25 said:
it loads weird on firefox, but in IE it loads "better" not at all correct mind you....

dont know if I trust that site...
Click to expand...


Firefox drops all the formatting off even when you tell it to ignore the threat. Not sure why? Safari and Chrome load it pretty normal when you tell it to ignore the threat.
 
looks "semi-normal" in IE, but firefox like you say has totally destroyed the formating to the point of FUBAR
 
I'm glad I use Firefox *and* a Mac. ;-)

I don't see how you guys are able to say it is back to normal. Both Google and Firefox still report it as an attack site.
 
Rob T said:
I'm glad I use Firefox *and* a Mac. ;-)

I don't see how you guys are able to say it is back to normal. Both Google and Firefox still report it as an attack site.
Click to expand...

That'll take awhile to clear. The actual webpage appears malware/virus free.
 
Mindflux said:
The thing is, the pages aren't infected.. it's merely linking to something ELSE that causes the infection. LiquidWEB has no way to scan for this proactively AFAIK.

The code looks clean. (I saw the forum code the day the virus took hold) and the stuff that was questionable is no longer there.
Click to expand...

True... really it depends on how the attack was carried out in the first place. If it's a database injection attack, then it can be proactively prevented through a careful reconfiguration of MySQL and eradicated from the database by looking for suspicious entries (though with the number of tables present in a forum dB that can be a time consuming/daunting task unless you're really familiar with what to look for).

So now it's a matter of keeping it from happening again and getting google to remove those warnings so that you can visit without that popup screen. I don't know how long that takes, but the diagnostic page seems to indicate it tracks for the last 90 days, so it could (in theory) be 3 months before those warnings drop off .
Click to expand...

You can log into a Google Webmaster Tools account and request a review of the site once it has been repaired, and as long as the review comes back clean they will remove the warnings, usually within a couple days.
 
As of this morning, Firefox still reports it as an attack page.
 
Shiny Lil Detlr said:
True... really it depends on how the attack was carried out in the first place. If it's a database injection attack, then it can be proactively prevented through a careful reconfiguration of MySQL and eradicated from the database by looking for suspicious entries (though with the number of tables present in a forum dB that can be a time consuming/daunting task unless you're really familiar with what to look for).



You can log into a Google Webmaster Tools account and request a review of the site once it has been repaired, and as long as the review comes back clean they will remove the warnings, usually within a couple days.
Click to expand...


Well either way the damage has been done. As much as Autopia is "my home" for forums, after all that's happened I might find myself casually visiting but not so much in the way of participation anymore.
 
Mindflux said:
Well either way the damage has been done. As much as Autopia is "my home" for forums, after all that's happened I might find myself casually visiting but not so much in the way of participation anymore.
Click to expand...

I guess the slow response to this malware was the last straw for me, as far as demonstrating a laissez-faire attitude toward the forum/community. Perhaps they were slow to shut down the forum because that must have also shut down their new store as well. All I know is that for as much derision as DavidB received after he left, he would have been on that malware like white on rice.
 
Setec Astronomy said:
I guess the slow response to this malware was the last straw for me, as far as demonstrating a laissez-faire attitude toward the forum/community. Perhaps they were slow to shut down the forum because that must have also shut down their new store as well. All I know is that for as much derision as DavidB received after he left, he would have been on that malware like white on rice.
Click to expand...

Couldn't agree more.

The new owners have been very slow/non-responsive from day one. The whole thing has been one big clusterf*ck.
 
Usually these issue are cleared up in hours and sometimes in minutes. There is always more to the story when it takes days. And when it takes weeks they are probably being investigated for criminal activity along with there hosting and mirror site storage. The number of infected computers from this one site could measure in the 1000's and those could of further infected 100,000 more. When the issues that the site host was alerted to go unanswered for even a few hours that should be considered willful destruction towards any outside users computers that they still allow to log on.
 
The last word that I got from the admins from Autopia was that they had identified who was responsible for the hack and were going to initiate a criminal prosecution.
 
Pats300zx said:
The last word that I got from the admins from Autopia was that they had identified who was responsible for the hack and were going to initiate a criminal prosecution.
Click to expand...

good, no punishment is harsh enough for doing something like that. if it's a guy, they should hang him by his bawls...
 
Pats300zx said:
The last word that I got from the admins from Autopia was that they had identified who was responsible for the hack and were going to initiate a criminal prosecution.
Click to expand...

I wonder about this. It's usually pretty difficult to find who the hacker is.
 
You must log in or register to reply here.
Back
Top