CFC Website - Virus?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • CFC Website - Virus?

    Merry Christmas everyone. :)
    I have been away from chesstalk for awhile due to its website virus problems.
    Nice to see this has been corrected.
    But, earlier today we got reports of a virus on the CFC website.
    Reports came from Alberta, Ontario, and USA.
    But I see no complaints on chesstalk, so can I assume the problem was not wide spread?
    Nevertheless, our IT people have investigated and done the virus scans.
    The virus scan came up negative. We suspect there may have been a virus on redirecting DNS servers.

    The virus was triggered when looking up a rating.

    We are leaving the website online, but please report any problems immediately to CFC email.

    Thanks.

  • #2
    Re: CFC Website - Virus?

    Originally posted by Bob Gillanders View Post
    The virus was triggered when looking up a rating.

    We are leaving the website online, but please report any problems immediately to CFC email..
    30 min ago it happened to me... Though I was going to News and Ratings almost at the same time. Don't know which one triggered the virus/direction.

    Comment


    • #3
      Re: CFC Website - Virus?

      Nothing here... at least not that Bitdefender can see.
      Christopher Mallon
      FIDE Arbiter

      Comment


      • #4
        Re: CFC Website - Virus?

        Originally posted by Christopher Mallon View Post
        Nothing here... at least not that Bitdefender can see.
        I got a message this morning which was different from what I got last night and similar to the messages that had been coming from chesstalk a few days ago with Malwarebytes blocking a couple of malicious websites. I cleared my cache this afternoon and the message went away. This was not a virus but rather a virus scam which urged visitors to the website to call a phone number which presumably would lead to gullible people paying to have the fake virus removed. There appeared to be multiple layers to the scam with one page asking you to log in to your Microsoft account and another mentioning Zeus virus with a voice claiming to be windows defender saying out loud that you have a pornographic virus on your computer and that if you didn't call the number your IP address would be reported and your computer would be disabled.

        My guess is that hackers managed to infect several widgets or pages on the CFC website including the ratings and upcoming tournaments. Restoring from backups managed to remove any changes the hackers made. Clearing the cache on your computer ensures that you are not using the infected version of the website. We will have to be vigilant as these hackers are working overtime.

        Comment


        • #5
          Re: CFC Website - Virus?

          Just went to chess.ca and when I clicked on the Last Name field to enter my name for a rating check I was immediately redirected to this garbage:

          http://ca11ingn0wteh29123456789.tk/?number=888-794-4373

          which appears to be a simple phishing website that makes it LOOK like there is some sort of "official" virus alert etc and likely leads to some sort of phone support scam.
          Most likely a javascript injection problem.
          ...Mike Pence: the Lord of the fly.

          Comment


          • #6
            Re: CFC Website - Virus?

            Originally posted by Kerry Liles View Post
            Just went to chess.ca and when I clicked on the Last Name field to enter my name for a rating check I was immediately redirected to this garbage:
            SNIP phishing website

            which appears to be a simple phishing website that makes it LOOK like there is some sort of "official" virus alert etc and likely leads to some sort of phone support scam.
            Most likely a javascript injection problem.
            Try clearing your internet cache as I think the steps taken have removed the threat at least temporarily. I am not getting any errors, warnings or messages on the two computers that I have tried it on.

            Comment


            • #7
              Re: CFC Website - Virus?

              Strange. The virus/redirect worked again. Though, it does not work trying the second time.

              Comment


              • #8
                Re: CFC Website - Virus?

                The virus/redirect is really on the main website. It starts after clicking anywhere (can be just an empty space at the side).
                Seems it works only once. After restarting the browser, it engages again.

                Saw this trick with some other sites. I think it is called ad overlays.

                Comment


                • #9
                  Re: CFC Website - Virus?

                  Originally posted by Bob Gillanders View Post
                  Merry Christmas everyone. :)
                  Originally posted by Vlad Drkulec View Post
                  The security situation here is also concerning with the continual coinhive warning from malwarebytes. If this can persist this long who is to say that the next hack might not contain an injection of a new zero day ransomware variant.
                  What goes around ... comes around ... LOL!

                  Merry Christmas to you too Bob G. :)

                  Comment


                  • #10
                    Re: CFC Website - Virus?

                    I'm getting a similar message telling me to call 800-552-8133 immediately so that "Microsoft" can help me.
                    Paul Leblanc
                    Treasurer Chess Foundation of Canada

                    Comment

                    Working...
                    X