This needs to be addressed. I operate about 30 sites and am no stranger to having a site hacked. You clean up the site, repair the damage and then make a public statement on the site so people can take proper precautions.
Has the malware been cleaned from the site? Steve, you need to address this issue in the Steam forums. Lets face it, who is going to buy a game with a hacked website.
I took a chance overriding Chrome's security just to get in and as soon as I leave I will run Malwarebytes and AVG both to make sure I haven't picked anything up.
I'd be interested to see what the malware was and how it was delivered. Was it a third party advertisement or something? Or was it an actual hack that put malware on the site itself?
my money is one of the many links in peoples sigs being hosted on a hacked site.
i mean how many bots get accepted?
but as said, don't look good :/
(This post was last modified: 01-12-2014, 19:45 by SteveS.)
The version of IPB we were using had a vulnerability in it and it has now been patched. There was a poison iframe injected onto the page (which could be identified by the bar at the top not being snug with the top of the page) that was attempting to serve malware.
If you accessed the site at all within the towards the end of last week or over the weekend it would be worth running a virus scan, disabling Java in the browser altogether and making everything else click to play.
No malware is present on the site since it started appearing. A couple of days ago I did notice another iframe had been injected and turns out an admin account was being logged into from a Russian IP address (always the same one) but that was dealt with pretty quickly.