IgniteRealtime Hacked!

I opened http://www.igniterealtime.org/community/thread/28252?tstart=0 and spotted a wierd page. If it’s not my IE, it may have implied that some dude is already trying to hack the site.

I’ve seen this text in email notifies about messages of some user, though this text was only in notifies.

Not hacked, but he was somehow able to include some html that our filters should have removed. We’re looking into filter settings now to see if we have something misconfigured.

I’m still wondering how that happened in both the website and email notifications. I don’t think @slushpupie wrote the adds on purpose.

Anyway, now it’s gone, and hopefully for good.

I should be clear - it had nothing to do with slushpupie’s post. It was a comment from a spammer on the thread that he started. One of our developers figured out which comments had the ads. That user’s comments have been deleted and the user has been banned from the community. The user only had 2 posts and both were spammy.

We’re looking into how he did this to prevent future issues.

Hi Dawn,

while I don’t want to say hurry up a little bit you may want to do this. If the user would have added less spam links to his post no one wouldn’t have noticed the spam except search engines and they are usually the better target than users in forum.

LG