Could be some Turkish guy.

And before that something else on the RC for all site that destroyed my laptop last week.

Interesting RCFORALL seems to have become popular  enough to gain global attention 

Jokes apart

I checked with our service provider and they confirmed that there was an intrusion into their server physically by someone  within India  with a stolen user ID and pass word . It was  not hacking  in the true sense of the word . the problem has been fixed  the IP address from where the incursion occurred has been traced and the action initiated  with the appropriate law enforcement agencies  .

There is no turkish connection here  it is a pure Desi mamala using a turkish Mukhota  .

BTW TG I also talked on your matter with   the service providers and they are looking into that as well  but are surprised that  a web  site  could knock out a lap top .
I am not a techie so  don't know much on this  subject. Will keep you updated.

Rgds
Sai

Thanks for checking, in my case, a virus got installed on my laptop. It even setup its own links to "websites" on my desktop and went on to prevented any way of controlling what applications ran on the system. Unfortunately, the only way out was a re-install - which was partly also owing to the IT guy (at work) who handled the incident.

In any case thanks for following up.

Oh yhanks for the warning guys.. Almost opened the RCFORALL page to check out a few motors on the windows partition! *phew*

Its ok today ;-)

Quote from: rcforall on October 20, 2010, 04:11:46 PM

It was  not hacking  in the true sense of the word . the problem has been fixed  the IP address from where the incursion occurred has been traced and the action initiated  with the appropriate law enforcement agencies  .
Rgds
Sai

Problem is fixed I cannot afford let it lying around till  evening .

sai

RC for all website has had no problems with my laptop and vise versa till date.
I am using Bitdefender 2010 and it has a antipishing toolbar on my mozilla browser!
So far, nothing..
BTW Sai, Your page is always opened in my browser..

I opened the page after the warning to see what had happened.I use ubuntu,so nothing has happened yet.Will anything happen?If tg got a virus,would I get it?Sorry ,I sound like a prick but my brother is the 'tech geek' and I wouldn't dare destroy his laptop.If I do,I will break my record of not destroying any systems .As far as I know,almost none to a very few programs hurt linux but I just want to be on the safer side.

Ge the guy and let him have it.

google  TheWayEnd  the list is endless
must be a mass attack

Ubuntu has very less viruses compared to Windows.. But Mac beats them all! NO VIRUS!! ..
Yeah even my bro will kill me if a "somehow" destroy his system!

So,pretty much no chance that my system will be infected right?

Hello Sir,
Could you please tell that where is your server located? Even I got hack attempts on my website LOG. There is a huge SPAM going around... Even FB India was hit with a very huge and serious Spam and intrusion on Tuesday and wednesday. It is still not fixed completely...

Maybe its coming from RCI....hahaha!
well! who knows!

Quote from: rcforall on October 20, 2010, 04:11:46 PM
I checked with our service provider and they confirmed that there was an intrusion into their server physically by someone  within India  with a stolen user ID and pass word . It was  not hacking  in the true sense of the word . the problem has been fixed  the IP address from where the incursion occurred has been traced and the action initiated  with the appropriate law enforcement agencies  .

There is no turkish connection here  it is a pure Desi mamala using a turkish Mukhota  .

Most likely the hacker (there is an active Turkish one), used the other Indian IP address as only a launching point, and that itself would be a hacked system.  I would seriously doubt if the original perpetrator is Indian.

If the website is hackable by a stolen username of an ecommerce system, then the cart software cannot be trusted.  The way the front page was replaced, they would need access to the underlying hosting account, which means there is more to this story than the way it was communicated to Sai.

In any case, I hope the cart software is upgraded to the latest version available, otherwise this would not be the last of such incidents.

For the rest of us, keep your virus s/w up to date and ensure that the virus definitions are current. Mine wasn't and paid the price.

Quote from: controlflyer on October 20, 2010, 11:26:32 PM
Maybe its coming from RCI....hahaha!
well! who knows!

Looks like you have a definte axe to grind

Quote from: anwar on October 21, 2010, 12:02:57 AM
Most likely the hacker (there is an active Turkish one), used the other Indian IP address as only a launching point, and that itself would be a hacked system.  I would seriously doubt if the original perpetrator is Indian.

If the website is hackable by a stolen username of an ecommerce system, then the cart software cannot be trusted.  The way the front page was replaced, they would need access to the underlying hosting account, which means there is more to this story than the way it was communicated to Sai.

In any case, I hope the cart software is upgraded to the latest version available, otherwise this would not be the last of such incidents.

I Betcha! Anwar is absolutely right (I am myself at a Comp Security Co). RcForall was a victim of mass hacking heist by probably these Turkish hackers as a Propaganda war. Sai, whatever your ISP has told you is an utter lie. As an ISP  they should have very well known that such a widespread attack has occurred on similar sites.

Even if they are partially right, the Indian IP in question would be that of another poor guy whose machine was compromised and used a 'Zombie' of the Botnet used to put together the attack (to remove trial to the original hackers).

I would suggest, if your margins increase, get the daily certification of leading security companies like EnTrust, McAfee who run a Exploit suit on website against known vulnerability, and certify them to be secure. Your site was attacked due a known/common vulnerability in the ISP infrastructure/Portal web service and not a dedicated effort by some one targeting you specifically (Crackers are yet not targeting RC flyers by muling LHS web Sites).

All the best Sai.

<edit>
I found some thing on the Hacker guy eno7. The lunatics are exploiting vulnerability in a specific Portal software (like one runs this forum as well) and targeting even small forums. May be this is more of Technical rivalry between the Portal SW developers than anything more profound like global cyber terrorism.
http://forums.digitalpoint.com/showthread.php?t=21132

</edit>

A different type of support for our LHS this time, from the forum members :-)

Quote from: flyingboxcar on October 21, 2010, 12:13:40 PM

Quote from: controlflyer on October 20, 2010, 11:26:32 PM
Maybe its coming from RCI....hahaha!
well! who knows!

no! nothing serious!
Internet is like a sea with undiscovered viruses as such! every page you open or browse leaves something behind!
Personally! I am repeating that Rcforall is always open on one of my saved tabs on my browser!
no harms to anyone whatsoever


Looks like you have a definte axe to grind