Home | Webstore
Latest News: OOTP 25 Available - FHM 10 Available - OOTP Go! Available

Out of the Park Baseball 25 Buy Now!

  

Go Back   OOTP Developments Forums > Prior Versions of Our Games > Earlier versions of Out of the Park Baseball > Earlier versions of OOTP: General Discussions

Earlier versions of OOTP: General Discussions General chat about the game...

Reply
 
Thread Tools
Old 05-10-2009, 02:11 AM   #1
Spanky
Major Leagues
 
Join Date: Apr 2003
Posts: 307
Attention: Hacker Alert!

Today I logged into the OOTP Forum where I have a Thread about Spanky's All Time Greats. I get by clicking on the following: (1) OOTP 9 - Mods (4 Viewing); (2) Rosters, Photos, and Quick-Starts; (3) All Time Greats ( 1 2 3 4 5 ... Last Page) Spanky; (4) Click here: All Sim Baseball.

Usually when I click on the link to "All Sim Baseball" I go the download page where Spanky's All Time Greats can be downloaded.

However, today I was redirected to some strange webpage with an strange looking Angel and a message telling me that my computer has been invaded!

I don't understand how this can happen on the OOTP website? It has never happened before. Is the forum not a secure place? Is my computer infected or is this some kind of practical joke? I don't find it funny at all! What should I do other than run antivirus? Is it possible that other OOTP forum pages or links have also been hijacked?

Please help and advise.

Spanky
Spanky is offline   Reply With Quote
Old 05-10-2009, 03:10 AM   #2
Tony M
Global Moderator
 
Tony M's Avatar
 
Join Date: Feb 2006
Location: Here
Posts: 6,156
Blog Entries: 3
That's not a problem with these forums, but a problem with the allsimbaseball site which is a separate entity.
__________________
This signature is intentionally blank
Tony M is offline   Reply With Quote
Old 05-10-2009, 04:08 AM   #3
Spanky
Major Leagues
 
Join Date: Apr 2003
Posts: 307
Quote:
Originally Posted by Tony M View Post
That's not a problem with these forums, but a problem with the allsimbaseball site which is a separate entity.
Is this a virus? Should I be concerned?

Spanky
Spanky is offline   Reply With Quote
Old 05-10-2009, 04:33 AM   #4
Eumel
Major Leagues
 
Join Date: Mar 2003
Location: Germany
Posts: 499
No, but whoever runs Allsimbaseball should be concerned, as someone hacked the site.

Should have no consequence for you, so you don't need to do anything on your computer. The problem is on the Allsimbaseball servers.
Eumel is offline   Reply With Quote
Old 05-10-2009, 04:36 AM   #5
kq76
Global Moderator
 
kq76's Avatar
 
Join Date: Nov 2002
Location: Vancouver, Canada
Posts: 10,664
It's fidel's site which, as far as I know, has nothing to do with the OOTP company. It just hosts some users' OOTP sites. My guess is someone just hacked into his site and that by visiting it you should be fine (I visited it earlier and none of my alarms went off), but you should ask him to make sure.

Last edited by kq76; 05-10-2009 at 04:49 AM.
kq76 is offline   Reply With Quote
Old 05-10-2009, 10:04 AM   #6
CeeBee
Minors (Double A)
 
CeeBee's Avatar
 
Join Date: Apr 2009
Location: Chase BC Canada
Posts: 105
If you didn't click on any links on the site you should be safe, but you can always run a virus scan if you feel uneasy.
CeeBee is offline   Reply With Quote
Old 05-10-2009, 03:08 PM   #7
Spanky
Major Leagues
 
Join Date: Apr 2003
Posts: 307
Embedded Links

I clicked on the embedded link on the OOTP forum webpage. This link opened up the window with the ominous message I mentioned. How could this embedded link on the OOTP site be changed to open up an entirely different webpage unless the hacker gained access from the OOTP forum page?

Have you looked at the link? If not, I suggest you do so.

Thanks
Spanky
Spanky is offline   Reply With Quote
Old 05-10-2009, 03:22 PM   #8
Tycobbler
All Star Starter
 
Tycobbler's Avatar
 
Join Date: Apr 2003
Location: 20 minutes from Comerica Park
Posts: 1,952
It's happened in 3 of my leagues as well. Always on the forum page(s) however. If i were guessing this makes the 3rd or 4th such occurance.

Visiting those forums didn't affect my PC at any time. I'd scan my PC just to be sure.
Tycobbler is offline   Reply With Quote
Old 05-10-2009, 03:56 PM   #9
kq76
Global Moderator
 
kq76's Avatar
 
Join Date: Nov 2002
Location: Vancouver, Canada
Posts: 10,664
Quote:
Originally Posted by Spanky View Post
I clicked on the embedded link on the OOTP forum webpage. This link opened up the window with the ominous message I mentioned. How could this embedded link on the OOTP site be changed to open up an entirely different webpage unless the hacker gained access from the OOTP forum page?

Have you looked at the link? If not, I suggest you do so.

Thanks
Spanky
I did. It doesn't look like the hacker changed the address of the link that you yourself posted (that address looks like it would lead to something like what you said in your post that it should link to). That link looks like it should ask for something from a database, but it first directs to the page index.php and the other stuff in the address is meaningless if the corresponding code is not in the page. That is also the same page you would get if you simply went to allsimbaseball.com. So to summarize, the page index.php on allsimbaseball.com got hacked, not the link in your post there.
kq76 is offline   Reply With Quote
Old 05-10-2009, 07:17 PM   #10
Tekneek
Major Leagues
 
Join Date: Mar 2002
Location: GA, USA
Posts: 453
I wouldn't say you are definitely safe. Odds are, if you keep your security patches up to date, you will be fine. There is no guarantee of course. You could have been the victim of cross-site scripting, which can be used to place malware onto your machine.
Tekneek is offline   Reply With Quote
Old 05-11-2009, 03:15 AM   #11
fantom1979
Hall Of Famer
 
fantom1979's Avatar
 
Join Date: Jul 2002
Location: Detroit, MI
Posts: 3,498
I just clicked on the link and it appears that all is fine now.
__________________

fantom1979 is offline   Reply With Quote
Old 05-11-2009, 08:49 AM   #12
kq76
Global Moderator
 
kq76's Avatar
 
Join Date: Nov 2002
Location: Vancouver, Canada
Posts: 10,664
Quote:
Originally Posted by fantom1979 View Post
I just clicked on the link and it appears that all is fine now.
His page is back, but my avast popped up with a trojan horse alert, name: JS:Redirector-H [Trj]. So it seems it is worse now, not better.
kq76 is offline   Reply With Quote
Old 05-11-2009, 10:57 AM   #13
The Wolf
Hall Of Famer
 
The Wolf's Avatar
 
Join Date: Jun 2006
Location: All alone
Posts: 12,612
Infractions: 0/1 (1)
I wonder if he is aware of it or not.
__________________
__________________
Quote:
Originally Posted by Markus Heinsohn View Post
Well, the average OOTP user...downloads the game, manages his favorite team and that's it.
According to OOTP itself, OOTP MLB play (modern and historical) outnumbers OOTP fictional play three to one.

Five thousand thanks for a non-modder? I never thought I'd see the day. Thank you for your support.
The Wolf is offline   Reply With Quote
Old 05-11-2009, 12:19 PM   #14
f.montoya
Hall Of Famer
 
f.montoya's Avatar
 
Join Date: Nov 2004
Posts: 6,066
Hey guys. I am aware of this issue. We did indeed have a security hack. I have restored the site but I must admit that I spend far more time taking care of my client websites than those of my own. I will be upgrading my site software this week so I should have this problem cleared up without issue. I apologize to any and everyone if you experienced any troubles accessing files or anything else at allsimbaseball.com
__________________
Fidel Montoya

Asahi2 Baseball ex-Commissioner(Historical League Since 2004)
www.allsimbaseball.com (OOTP web hosting - Customized sites for online leagues - Sign up, Connect OOTP and Play!)
Share Your Mods - Free, unlimited and easy to upload to share your Mods instantly(free site registration required)
f.montoya is offline   Reply With Quote
Old 05-11-2009, 03:07 PM   #15
Malleus Dei
Hall Of Famer
 
Malleus Dei's Avatar
 
Join Date: Dec 2001
Location: In front of some barbecue and a cold beer
Posts: 9,490
Quote:
Originally Posted by f.montoya View Post
I must admit that I spend far more time taking care of my client websites than those of my own.
This is why they say that "the shoemaker's children have no shoes."
__________________
Senior member of the OOTP boards/grizzled veteran/mod maker/surly bastage

If you're playing pre-1947 American baseball, then the All-American Mod (a namefiles/ethnicites/nation/cities file pack) is for you.

Quote:
Originally Posted by statfreak View Post
MD has disciples.
Malleus Dei is offline   Reply With Quote
Old 05-11-2009, 06:08 PM   #16
pbar25
Major Leagues
 
pbar25's Avatar
 
Join Date: Mar 2007
Posts: 343
none of those links are clear yet.
Visit allsimbaseball, there is still the redirect trojan.

I'm in Asahi2 Baseball, Fidel's league.

Should you go to the website right now, and click on the league Calendar link... (DO NOT unless you are expert),
the Trojan Horse JS:Redirector-H2[Trj] will be loaded onto your computer...

Location: C:\Documents and Settings\Your Name\Local Settings\Application Data\Mozilla\Firefox\Profiles\randomnumber.default \Cache\C07350C0d01

The current anti-virus program that is seeing this quickly is Avast.
Just had to warn people that have tested this, that you probably do have a Trojan on your computer now.
__________________
New York Mets - Asahi2 Baseball
pbar25 is offline   Reply With Quote
Old 05-11-2009, 10:07 PM   #17
f.montoya
Hall Of Famer
 
f.montoya's Avatar
 
Join Date: Nov 2004
Posts: 6,066
Quote:
Originally Posted by pbar25 View Post
none of those links are clear yet.
Visit allsimbaseball, there is still the redirect trojan.

I'm in Asahi2 Baseball, Fidel's league.

Should you go to the website right now, and click on the league Calendar link... (DO NOT unless you are expert),
the Trojan Horse JS:Redirector-H2[Trj] will be loaded onto your computer...

Location: C:\Documents and Settings\Your Name\Local Settings\Application Data\Mozilla\Firefox\Profiles\randomnumber.default \Cache\C07350C0d01

The current anti-virus program that is seeing this quickly is Avast.
Just had to warn people that have tested this, that you probably do have a Trojan on your computer now.
Missed the calendar. It has been removed but still working on the cleanup. Hopefully allsimbaseball.com isn't giving you trouble. If so, please let me know.
__________________
Fidel Montoya

Asahi2 Baseball ex-Commissioner(Historical League Since 2004)
www.allsimbaseball.com (OOTP web hosting - Customized sites for online leagues - Sign up, Connect OOTP and Play!)
Share Your Mods - Free, unlimited and easy to upload to share your Mods instantly(free site registration required)
f.montoya is offline   Reply With Quote
Old 05-11-2009, 10:17 PM   #18
f.montoya
Hall Of Famer
 
f.montoya's Avatar
 
Join Date: Nov 2004
Posts: 6,066
Quote:
Originally Posted by pbar25 View Post
none of those links are clear yet.
Visit allsimbaseball, there is still the redirect trojan.

I'm in Asahi2 Baseball, Fidel's league.

Should you go to the website right now, and click on the league Calendar link... (DO NOT unless you are expert),
the Trojan Horse JS:Redirector-H2[Trj] will be loaded onto your computer...

Location: C:\Documents and Settings\Your Name\Local Settings\Application Data\Mozilla\Firefox\Profiles\randomnumber.default \Cache\C07350C0d01

The current anti-virus program that is seeing this quickly is Avast.
Just had to warn people that have tested this, that you probably do have a Trojan on your computer now.
Thanks pbar25. I think I found it. I replaced all files with a backup but the backup didn't include the template files, which had an infected index file. If anyone is using Avast, let me know if www.allsimbaseball.com gives you any problems at all.
__________________
Fidel Montoya

Asahi2 Baseball ex-Commissioner(Historical League Since 2004)
www.allsimbaseball.com (OOTP web hosting - Customized sites for online leagues - Sign up, Connect OOTP and Play!)
Share Your Mods - Free, unlimited and easy to upload to share your Mods instantly(free site registration required)
f.montoya is offline   Reply With Quote
Old 05-11-2009, 10:25 PM   #19
pbar25
Major Leagues
 
pbar25's Avatar
 
Join Date: Mar 2007
Posts: 343
yep, all good now great work as always.
And just to stress, Fidel is one of the best commissioners around, obviously not his fault.
__________________
New York Mets - Asahi2 Baseball
pbar25 is offline   Reply With Quote
Old 05-12-2009, 01:16 AM   #20
Irishray
Moderator
 
Irishray's Avatar
 
Join Date: May 2007
Location: Dallas, TX
Posts: 359
Quote:
Originally Posted by pbar25 View Post
Just had to warn people that have tested this, that you probably do have a Trojan on your computer now.
Not if you are running Linux, as I am.
__________________
Ray

Linux - Xubuntu 23.04 64-Bit
Irishray is offline   Reply With Quote
Reply

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 09:18 PM.

 

Major League and Minor League Baseball trademarks and copyrights are used with permission of Major League Baseball. Visit MLB.com and MiLB.com.

Officially Licensed Product – MLB Players, Inc.

Out of the Park Baseball is a registered trademark of Out of the Park Developments GmbH & Co. KG

Google Play is a trademark of Google Inc.

Apple, iPhone, iPod touch and iPad are trademarks of Apple Inc., registered in the U.S. and other countries.

COPYRIGHT © 2023 OUT OF THE PARK DEVELOPMENTS. ALL RIGHTS RESERVED.

 

Powered by vBulletin® Version 3.8.10
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Copyright © 2020 Out of the Park Developments