
IFSQN Website Hacked


Simon

  • IFSQN Admin

Posted 05 September 2009 - 08:16 PM

You may have noticed our website and forums have been offline for most of the day (Saturday). This is because our website was hacked yesterday; the hackers put malicious code in every single page of our website and forum (1,000’s of pages). We realised within a matter of hours and have spent the day checking and reinstalling files, running virus and malware tools and changing passwords. The site is now clean and secure.

Fortunately we have been able to restore all information back on the website and nothing has been lost.

There is a potential risk for any member who logged on the site late Friday night / early Saturday morning UK time GMT and tried to make a post. Members who tried to do this at the time will have been asked to enter their username and password a second time into an authentication screen. This authentication screen was malicious; if you entered your username and password into this screen you will need to change your password as soon as possible. We expect this to be very few members if any at all.

If you have any concerns or questions please post here.

Please be assured we do everything we can to keep our site free of spam and malicious threats. Everything is safe and secure now, but we will be looking again at what further measures we can take to prevent this kind of thing happening again.

Thanks,
Simon

Get FREE bitesize education with IFSQN webinar recordings.
 
Download this handy excel for desktop access to over 180 Food Safety Friday's webinar recordings.
https://www.ifsqn.com/fsf/Free%20Food%20Safety%20Videos.xlsx

 
Check out IFSQN’s extensive library of FREE food safety videos
https://www.ifsqn.com/food_safety_videos.html


Hongyun


Posted 06 September 2009 - 06:20 AM

Oh dear... :o No wonder I got an error yesterday.

Why would someone want to hack a Food Safety forum? But I am glad the problem was resolved fast enough.

Thanks Simon.


"World Community Grid made it possible for us to analyze in one day the number of specimens that would take approximately 130 years to complete using a traditional computer."

- Dr. David J. Foran, professor and lead researcher at The Cancer Institute of New Jersey, UMDNJ-Robert Wood Johnson Medical School.





GMO


Posted 06 September 2009 - 10:42 AM

Fortunately the second authentication screen confused me so I didn't post, not out of sense but out of stupidity, I didn't know what they wanted me to type lol!

There you go, sometimes being stupid is helpful!


angelica


Posted 06 September 2009 - 11:44 AM

Simon and work team,
Thank you for your efforts to keep this forum safe and secure. I appreciate it very much.
Angélica


Simon


Posted 06 September 2009 - 08:15 PM

Dear Members,

I wanted to provide further information on what exactly happened to cause the site to be compromised and the events that have been taking place over the past day or so.

It appears my own personal computer became infected by a virus; this was possibly picked up when I visited a food magazine website that I go to from time to time.

This particular virus searched my computer for any FTP programs installed. Most normal computer users do not have an FTP program installed, however website owners usually do. FTP programs are used to upload and download website files.

http://en.wikipedia....ansfer_Protocol

Once the virus found the FTP program on my PC it grabbed my saved username and password giving the hacker free access to download files from the site, insert their malicious code and re-upload the files. They did this to almost every file on the site.

I was first notified by Charles C and Zeeshan who had come across the malicious authentication page when trying to post on the forums. As soon as I was notified I immediately took the website and forums offline.

Next I cleaned my PC of the infection with various antivirus and malware tools, changed my passwords for FTP (I do not leave them saved in the program now), and all of my other site admin and website control panel passwords.

I then uploaded a backup of the site from a couple of days ago. Fortunately the web hosts have an extremely good backup and security system.

I have now also subscribed to a monitoring service for the website which carries out regular scans of our site for malware and provides me with instant alerts of any malware activity such as file changes.

http://en.wikipedia.org/wiki/Malware

I have changed all of my passwords a second time.

I do not think we were targeted specifically and I’m not even sure what this virus was attempting to do. I attempted to make a test purchase through the store and everything worked fine with no redirects or anything, the only evidence of the hack was the authentication login when trying to make a post on the forums and the only details to enter there would be a username and password, which in the case would just allow the hacker to post on the forums; unless of course they got hold of my login details.

The main purpose of this kind of attack is normally to propagate a virus onto visitors’ computers or to redirect visitors to malicious websites or to try and steal personal information such as credit card details. It appears none of these happened in this case. Maybe we caught it early enough.

In a funny kind of way if the authentication page was not there maybe it would have gone undetected for a long time. This could have been catastrophic as Google would have found out quite quickly that our site was infected and we would have been blacklisted by them, in other words we would have been dropped from their search results and many years of hard work would have been lost. It could have been the death of us or at the very least it would have been a major setback.

As a reminder if anyone did enter their details into the authentication form please change your forums password immediately. As a further precaution I would advise any member who visited the site between the hours of Saturday 1.00 a.m. to Saturday 1.00 p.m. GMT to carry out a virus and malware scan of their computer.

If anyone has experienced anything out of the ordinary whilst browsing the site please let me know and I ask everyone to be vigilant and report anything that does not appear normal.

Apologies for any inconvenience caused.

Regards,
Simon



Simon


Posted 08 September 2009 - 07:56 AM

Friends we are tentatively back online. I say tentatively because we thought we had fixed it the first time and we were infected again. It’s been a very difficult couple of days as you can imagine. We are still not sure if it was an FTP virus on my PC or perhaps somebody else who has access to my FTP details such as my programmer or the web hosts. In fact whether FTP was the cause or not a lesson has been learned there. The web host servers are very secure after they got hit 12 months back and then the other possibility is that there is a hole in one part of the huge software architecture that makes up this website. It’s worrying because we do not know exactly what the root cause is.

The main thing is the site is clean now and nothing happened overnight; we are remaining vigilant and if it does come back we will have no alternative but to take the site offline quickly to carry out more investigations and corrective / preventive action. If you see anything unusual please contact me straight away and do not use the site.

I urge all members to make sure you have an up to date and effective antivirus and firewall and also your Microsoft Windows and other software programmes you use have all necessary updates and security patches installed. If this is the case even if we are attacked again no harm should come to your computer.

Owning a website it’s an ongoing battle against spam and hack attempts, they are a daily occurrence and we can only ever try to keep one step ahead. Whatever it takes we will not be beaten.
Apologies for any inconvenience caused and please make sure that you have a strong password for the forums, change it especially if you logged onto the site over the past few days.

I want to thank all of you who have sent me personal messages of support over the past few days; I really appreciate your kindness and concern and your obvious care for the well-being of the forums.

Thanks and Regards,
Simon

Added: By the way if anyone spots any missing files or things not working properly please let me know as with all of the reinstalling of backups it is possible that files may have been lost or broken.



Abdul Qudoos


Posted 08 September 2009 - 10:44 AM

Thanks for saving us,

You did a wonderful job, CONGRATULATIONS to all the team. Hacking / cracking is a most unusual thing that is going to happen sometimes; we have to be very careful.
Yesterday I too faced a lot of problems with errors.

Cheers & :thumbup: ,




Zeeshan


Posted 09 September 2009 - 02:42 AM

A great job indeed!

Congratulations and thanks to all, including Simon, who did a lot, day and night, to restore our beloved forum back safe and sound.

Hope it works well and securely in the future!

Regards:
Zeeshan


Kamwenji Njuma


Posted 09 September 2009 - 08:26 AM

Simon and the team,

Thanks for the good work and for your fast response.
Keep it up.

Regards,
Jeremy


Simon


Posted 09 September 2009 - 11:39 AM

Right now we are virus free and have been for two days. I'm not saying we have cracked it completely and they may try again in the future. I suppose it’s a bit like being bullied at school you never know where and when it may happen again and you just have to take precautions and be as careful as you can. But you are forever frightened and on alert.

To make matters worse the web host company suspended my account because of using too many CPU resources on the server; they did this without consultation and simply sent me an email to tell me. I immediately responded to explain the issues I had been having and that the CPU load was probably caused by me running various website vulnerability tools to look for exploits. Unfortunately then they did not respond for 10 hours – all the time the site was suspended.

Talk about kicking a man when he’s down. :rolleyes:

Thanks everyone. Now let’s get on with the discussion. :smile:

Regards,
Simon



BoomBoom


Posted 09 September 2009 - 07:47 PM

Simon -

I want to give you a public THANK YOU!!!

As I was one of the few that actually tried to post during the time that the site was compromised, you were able to get my password changed and get me back on as a Member instead of a Guest.

Your personal effort during all of this is to be commended! :clap:

Hats off to you! :beer:

Tom


tsmith7858


Posted 09 September 2009 - 08:33 PM

Thanks for the continuing effort to give us all a valuable resource. We often go to sites and use them and forget that there are people behind the scenes keeping everything running. :clap:

TS


pawilliams1


Posted 10 September 2009 - 08:39 AM

Great job getting everything working again Simon.

Viruses and malware are a nuisance - if the people that write them actually put their efforts in producing useful programs they could probably make a small fortune!!

It is an important reminder though for everyone to remember to use a firewall and anti-virus software. I use PC Tools firewall, antivirus and a brilliant little program called Threat Fire as protection against infections. They are brilliant programs, constantly being updated, from a well known software house. You can get all this protection and more information by visiting www.pctools.com

Did I mention that it's free too (as long as you select the free version!)


Simon


Posted 10 September 2009 - 09:09 AM

Thanks again everyone, I really do appreciate your kind comments.

It really is an ongoing battle and I certainly will not be doing anything as stupid as leaving my FTP details stored on my PC again. The silly thing is I know other websites that have been done by this routine and even my own web hosting company had a huge issue with this 6 months or so ago. I have learned some more lessons but it would be wiser to learn the lessons from others’ mistakes.

It is very difficult though trying to be a master of everything. There are so many elements that need to be taken care of when running a website for example:

- Web design
- Software upgrades and modifications
- Search Engine Optimisation
- Monitoring website performance
- Contributing to the discussions
- Forums administration
- Adding news, events, articles etc.
- Newsletters
- Sales and marketing
- Business admin and accounts
- Security ( added :blush: )

It is a huge task and then obviously things get neglected. Security must be higher up my ‘to do’ list or there is no website and we can all go home.

Regards,
Simon



sandy soni


Posted 11 September 2009 - 03:10 AM

Good job Simon

My best wishes with you always....


Sandy


Simon


Posted 11 September 2009 - 07:50 AM

Cheers Sandy. :smile:




