| Yesterday it came to my attention that a malicious script exploited a bug in MAL's code, and was run on multiple different clubs/comments/messages and profiles. The script has been stopped from expanding beyond what it already has infected and should not continue to be posted. However, there are many comments out there that still contain this script and they may unfortunately cause bogus code to be appended to your comments. Short of going throughout the entire site and deleting every instance of this script, there's not much I can do other than watch the script get pushed down to 'non-viewable' areas. New comments and posts will eventually bury it and the script won't be able to execute. Sorry for the inconvenience everyone. |
| At least you stopped the club from expanding. |
| Fucking stupid Script Kiddies. |
  |
| What did the script do anyways? All I could tell is that it creates a new script element, sets the source as a 1x1 jpg image and appends the head element? |
Prongs said: At least you stopped the club from expanding. Well...if that would have been the biggest issue to you... ...not sure what you would have thought if you would have gotten a redirekt to a virus contaminated site or similar... |
| Ah, so that's what it was. Good to hear it's gone. |
 staff.applications ▼ guidelines.faq ▼ report.abuse ▼ thx.skittles ▼ thx.kina ▼ [H+] ³ ▼ |
| From what I guessed and understood of it, it was grabbing two pieces of data (or trying to at least) from active session cookies and sending them to a website. The obvious guess would be username and password. Source here: http://projectviral.spazghost.com/forums/MALinjectionSRC.txt |
 |
| Does this have anything to do with my editing profile/blog entries not working. Most of the BBCode has gone and seems to be replaced by html. Like this: http://i171.photobucket.com/albums/u301/lee3319/profile/animebutton.jpg"; border="0">[img]http://i171.photobucket.com/albums/u301/lee3319/profile/animeright.jpg" border="0"> |
| FFFFFFFFFUUUUUUUUUUU |
| Same case as lee3319 Quite annoying but rewrote it and now it's fine...I guess. |
 |
Rewtle said: Thanks for fixing this, I guess. |
 |
| Figured there be an announcement about it sooner or later. That was a crazy little experience; thanks for taking care of things. |
Alberto said: Rewtle said: Thanks for fixing this, I guess. |
| Quick question, Are you going to ban the guy who created the club? Cuz I personally think that it was his fault please correct me if I am wrong. |
 |
Websnake said: From what I guessed and understood of it, it was grabbing two pieces of data (or trying to at least) from active session cookies and sending them to a website. The obvious guess would be username and password. Source here: http://projectviral.spazghost.com/forums/MALinjectionSRC.txt There's a section in the code you posted that points to adstraight.com which is a pay per click service. So essentially whoever made this code was doing it to make money. Each time that little image loaded it would count as a click which was registered at adstraight. You might want to report that to adstraight as well as send them a copy of the code so they can look it over and see if they can identify the specific user. |
^)^ DeathfireD ^)^ Anime Alliance P2P Network *OPEN FOR NEW MEMBERS* |
DeathfireD said: There's a section in the code you posted that points to adstraight.com which is a pay per click service. So essentially whoever made this code was doing it to make money. Each time that little image loaded it would count as a click which was registered at adstraight. You might want to report that to adstraight as well as send them a copy of the code so they can look it over and see if they can identify the specific user. That's pretty clever. Props to this guy. |
| oops my bad. No clicking was involved. Adstraight offers pay per impressions and that's what he was using with the little image. Every time someone viewed a post that was hacked it would be counted as an impression. |
| ^)^ DeathfireD ^)^ Anime Alliance P2P Network *OPEN FOR NEW MEMBERS* |
| So that's what's happening. |
     #Feitoism @ irc.rizon.net - the official IRC channel for Fate Testarossa.  |
| O.O I just had that strange code pop up in my profile editing settings, and I had to redo my profile coding...oh well :D |
 |
| Stupid Hackers! GET A LIFE! |
 |
| Spam like crazy and push it down |
| ITT "Anime Guru" gives life advice. |
| Thanks, I was bothered by those weird codes. |
I ♥ Two Syaorans from Tsubasa RESERVoir CHRoNiCLE and TRC!!! |
| Maybe this is also the reason why I appeared online yesterday though actually I wasn't, neither I used MALu =/ |
| Hm...does this have anything to do with the fact that i now have to allow googlecode.com in order for MAL to work completely? I'm using NoScript and was blocking googlecode.com and the other ad sites and everything worked, but since yesterday i can't add Animes / Change seen Episodes etc. anymore without permitting those scripts. |
 |
| Shoot! that thing make me rework my ID's in to my profile & remove that "border=0>" thing & it removed all the photos in my profile & the buttons does not give you the correct action. Thank God that was the end of it! ^^ |
  |
| No way... I didn't even realize it until just now but thanks Xinil for always fixing things when it happens. You are the best!!^^ |
 |
| I don't know what really happened but thanks for the fix ^^ |
Motoyama said: Alberto said: Rewtle said: Thanks for fixing this, I guess. |
 |
pim said: Motoyama said: Alberto said: Rewtle said: Thanks for fixing this, I guess. |
| | Suikoden Fan Club[/right] |
| lol that's pimp. |
| Hello! |
Rewtle said: Devilmore said: Hm...does this have anything to do with the fact that i now have to allow googlecode.com in order for MAL to work completely? I'm using NoScript and was blocking googlecode.com and the other ad sites and everything worked, but since yesterday i can't add Animes / Change seen Episodes etc. anymore without permitting those scripts. Yes, I've had the same problem. I have to disable "NoScript" in order to get MAL to work completely. I too had this problem. |
Rewtle said: Thanks for fixing this, I guess. |
 "Non mihi, non tibi, sed nobis" Which means "It's not for me, It's not for you. It's for everyone" |
| Thanks! |
| I was wondering what those were, thanks for fixing it though! :) |
| I didn't see anything oO |
| Is this related to the club I was in this morning although I never joined it? This "biggest club" thing, whatever it was... |
 |
| Yes Spade - the quote is not working now *sighs* |
Shameless plug signature The Shorts Club  |
| I had those problems too, thanks for fixing. |
 When the rosario on her chest is taken off, Moka's vampire inner self awakes.  |
| well thx |
Signature removed. Please follow the signature rules, as defined in the General Forum Guidelines! |
| Oh when it messed up all my bb code a couple of days ago I just erased the extra thing and added [/img] again. No other problems after that. Thought you made some changes or something around the site and didn't report it. :| |
| =__= it is really a hard work .. ^^".. I think .. but really thanks XD keep the good work =3 Ja na |
Seny said: Oh when it messed up all my bb code a couple of days ago I just erased the extra thing and added [/img] again. No other problems after that. Thought you made some changes or something around the site and didn't report it. :| same thing happened to me today. i just replaced it with [/img] like you did. nothing much happened after that though i'm being cautious and changed my password. |
     |
More topics from this board
» [Challenge] You Should Read This Manga 2024 ( 1 2 3 4 5 )Kineta - Feb 23 |
208 |
by hawkpelt5
»»
6 hours ago |
|
» Try MAL's New Mobile Site! ( 1 2 3 4 5 ... Last Page )Xinil - Feb 15, 2015 |
423 |
by RED-clover12
»»
Apr 24, 10:19 AM |
|
» Planned 5hr Maintenance, Thursday April 25 @ 1am-6am PTKineta - Apr 22 |
0 |
by Kineta
»»
Apr 22, 8:10 PM |
|
» New Site Update: Peak Anime 🗻 ( 1 2 3 4 5 )Kineta - Mar 31 |
213 |
by Lancelot73
»»
Apr 21, 4:28 AM |
|
» Heavenly Easter Delusion: Devil and Dolce ( 1 2 3 4 5 ... Last Page )Kineta - Mar 27 |
3331 |
by Terra_strong
»»
Apr 17, 8:26 PM |