PLEASE BE ADVISED
The main page of marks daily apple has been hacked. At the bottom of the page HTML is an applet tag trying to run a malicious exe that will infect your computer. DO NOT CLICK "ALLOW" TO ANY POPUP FROM MARKS DAILY APPLE.
The forums do NOT APPEAR TO BE AFFECTED.
Mark, what to do:
SHUT DOWN THE SITE NOW.
Edit your page templates and remove the applet code.
Delete the exe from your public html root level folder.
UPGRADE WORDPRESS, VBULLETIN, AND ANY PLUGINS YOU HAVE INSTALLED. The entry point could have been anywhere. CHANGE YOUR LOG IN PASSWORDS IMMEDIATELY. Anything could have been compromised since they were able to get a file on your web space, including forum passwords.
Your contact page is broken because of the attack so I couldn't email you there.
I thought I had noticed some weird things there this morning.
"Canned food is a perversion,' Ignatius said. 'I suspect that it is ultimately very damaging to the soul."
- John Kennedy Toole (A Confederacy of Dunces)
Bump Can anyone send Mark an Email about this?
IF YOU ARE ON A WINDOWS MACHINE, AND YOU EVER CLICKED "ALLOW" TO A POPUP ON MARKS DAILY APPLE, YOUR COMPUTER HAS BEEN INFECTED.
This virus targets Windows machines only. Mac OSX and Linux users are fine, as usual. If you clicked "Allow" to a popup on MDA, you need to install a virus scanner (I suggest Avast!), then disconnect your computer from the internet AS SOON AS POSSIBLE, and run a full scan.
IF YOU USE YOUR FORUM PASSWORD FOR ANY OTHER APPLICATIONS, ESPECIALLY EMAIL, CHANGE ALL YOUR PASSWORDS NOW.
Since the malicious file (run.exe) is hosted on Mark's web space, that means the entire website has been compromised. Any corner of the site could potentially be affected.
The virus has been in place since last night (Monday Feb 6th). It is very scary that it has been unnoticed for so long. Many people could have been infected by now. It still hasn't been fixed as of Tuesday, Noon PST. This is a very serious problem. Does anyone know a faster way to contact Mark?
Please help spread the word through Twitter, and add @Mark_Sisson . Warn people against visiting the main site.
Thankfully my AVG Anti-Virus caught the trojan and put in the vault before any damage was done. You can download AVG for free