TTORA Forum banner

1 - 20 of 22 Posts

·
Registered
Joined
·
370 Posts
Discussion Starter #1
Anyone else see the link in the top left corner of the page in some form of arabic that links to persiansales.ir? You have to hover over it to see it on most pages, not sure if it's just me. Not sure if it's there on purpose or was planted there... Seems a little strange to me.

 

·
Registered
Joined
·
3,205 Posts
Blue Arabic link?

What is the blue link in Arabic at the top left of the main page?

"Persian sales" ??
 

·
Registered
Joined
·
3,205 Posts
A just asked too. I didn't see your thread. I'm afraid to click on it.
 

·
Registered
Joined
·
2,903 Posts
Nothing like that on my screen.

I use Firefox, and Add Block Plus.

I suspect that it's an add, and I don't see very many of those.
 

·
Registered
Joined
·
172 Posts
Arabic link in upper left corner of homepage

Just clicked on it and it took me to a sales site. Have we been hacked.
 

·
Registered
Joined
·
3,205 Posts
Nothing like that on my screen.

I use Firefox, and Add Block Plus.

I suspect that it's an add, and I don't see very many of those.
Same here Firfox and ADP. I still see it.
 

·
Hoist The Colors!
Joined
·
15,832 Posts
Looks as if we've been hacked. It's not just on the home page, it's on all pages...here in the forum as well.

DON'T CLICK THE LINK.
 

·
Registered
Joined
·
3,987 Posts
Oh my Allah! :eek:

Dare you to click on it... I sure as hell won't! Unless I'm at the library; 'cause y'know... not my computer.

That is pretty really absolutely f'n sketchy...
 

·
Registered
Joined
·
3,987 Posts
I clicked on it (after updating virus software) and it looks like a Persian Ebay or something; lots of stuff for sale. Google was like "WTF language is this, dude?" so it didn't hardly translate anything... but it seems harmless.



Now you know. :cool:
 

·
Hoist The Colors!
Joined
·
15,832 Posts
We were hacked, but should be back to normal now.


They gained access to a lot of information but apparently they just wanted to put links to their site on our site. Bob pulled them down and removed the backdoors they installed to be able to come back later (two were installed).


By the way the files were installed they came in via the website. Looks like they compromised my account by figuring out my password as I did not have access to the admin control panel for the past 24 hours. A security vulnerability in vBulletin could have allowed them to install the files that were found.
 

·
Registered
Joined
·
3,205 Posts
It's still on the main page for me...
 

·
Registered
Joined
·
3,205 Posts
Cookies cleared and computer restarted. It is still there on the main page for me.
 
1 - 20 of 22 Posts
Top