f13.net

Is anyone else seeing a hidden link for "casino strategies" on the F13 front page, or am I sporting some weird virus?

Edit by Trippy: moved to own topic

What's a front page?

I see it in the source through Firefox. We've probably been hacked :awesome_for_real:

I won't be able to easily work on it until I get home.

Joke's on the hacker, no one reads the front page.

It's a honey pot :awesome_for_real:

Offending block of code removed. Don't know yet how it got there (so it may come back).

Looks like it did, and not so hidden this time.

Time to change the password? Remember to use numbers and a special character!

 :why_so_serious:

But seriously, I tend to surf in past the front page, should I be worried about anything?

I also run browsers protected by noscript and have only clicked on the forum link in forever.

Well WP had a huge hole in class-phpmailer.php which was made public in December last year which might be the way they are getting through.

Removed that file and one of the injected malware files that likely came through that exploit, removed the offending link (again), and am continuing to scan for other bad stuff.

As long as you didn't click the link you should be fine.

The exploit only really allowed hackers to make new posts on the Wordpress site. It's more of a defacement kind of thing as opposed to a crack the user database thing.

Is the double navbar something you caused or is the site still being screwed with?

Godaddy (I know, shut up) just nuked a ton of shit from an old, unupdated test site I had hanging around. I ran the WP updater after getting the notification, but they seem to be on the ball about making sure that gets dealt with, whether you like it or not.

We use GoDaddy too but that's cause schild used to work there and we've too lazy to move off of them, though we did explore that option the last time around.

Why am I now getting fucking e-mails from Russian Bots purporting to be from f13 ?

I think the PM system got a dick in it now.