Two weeks ago we had an issue with the forum where we kept getting strange php warnings on the forum and the layout of the forum kept looking strange. Saerdon posted this post.
The next day I asked Milen (our website friend) to look at it as well, and he found some strange code that he deleted and then he put the forum back. Since then the forum appears to have been fixed. Instead there's been something weird with the webpage, where some people are getting warnings from their firewalls or antivirus-programs about our page. It appears to be the same script that has put malicious code both places.Saerdon wrote:There is currently some sort of malicious "virus"-like script that keeps deleting the header in our wordpress-theme. Which is why all the layout and so on is gone at the moment. I'm keeping an eye on a fairly new thread on the wordpress forums about this to see if anyone figures out how to remove it completely.
I don't think there's been much malicious code infecting our computers or anything; from what I can tell the script tried to create a javascript that was supposed to do something, but the php-files that were overwritten were changed in such a way that they crashed before they actually reached that part in the code.
Yesterday I asked Milen to look into it; and today he is saying:
"What the malware did was to inject malicious code into the webpage files. I have purged that code and in theory the site is now clean. If any warnings of malware is detected again, report it to Luria copying the whole message and also indicating, if possible, which files are infected so I can look at it, as the webpage consist of more of 10000 files."
So please post in this thread if you're getting warnings on the website again, or tell me in game; and we can try and get this sorted.
