when accessing the forum from the main page http://forum.simutrans.com/ it sends me to lockerzpoints dot com.
Is it just me, or does anyone else get this problem?
I just got this when accessing the forum today. I had to go through one of the language board links from the simutrans page to get here. It wasn't happening before and I'm quite certain my PC is free of malware.
If this was the wrong section to post this, sorry. Mods feel free to move this wherever it should be. I tried to PM an admin about the issue, but PMs are disabled.
Yep, something is wrong. I sent an email to Isaac, will try to send to a few other people.
I got the report.
Please, use the address http://forum.simutrans.com/index.php while this problem is under investigation.
I can confirm it too.
Server has almost certainly been hacked, it is serving HTTP redirects when accessing that page.
Investigating now.
Looks like VS found a .htaccess with a simple redirect. Now I'm going to have to try and decide/see if it was SMF, or someone getting the p****word, or what.
EDIT: Looks like the only two .htaccess files modified were both for this account, so either the account or the forum got hacked, looks like.
I'm going to go change the p****word for the account and hope that helps. :-|
Hmm, if it was a hole in SMF, then I would expect the following actions to target SMF functions as well. With such a generic payload, I suspect a problem with PHP, MySQL or the underlying software.
How can we be sure that there isn't a backdoor? Comparing the RTE to a backup works to a limited extent.
better post something about this on the simutrans blog, and possibly other simutrans news sites.