Registered: 03-11-01
Posts: 6175
Loc: Arlington, Virginia
Capitol Grilling experienced a security intrusion on 05-26. There are no FTP-SSG auth logs for the user, so the intrusion was CGI-based using a vulnerability in the forum software version 7: http://secunia.com/advisories/31804
Unfortunately, the timing of the intrusion coincided with a my move to a new apartment (very stressful in itself), so I was not aware of this until this weekend and did not have my DSL restored to troubleshoot the issue until last night.
If you received an e-mail from the software asking you to verify your password, or alternately if you visited the index page on the main site (not the forum), and do not have adequate and current virus protection (which would detect the trojan and block it), you may want to scan your computer with anti-virus software or software such as Spybot. Also, if you do detect that you were infected, please change your CG forum password (I am not certain if the Trojan collects any other password information).
I have deleted the infected files but will need to patch the software sometime soon (by this weekend). If you have any questions, please use the form at zeroflux.com (not Capitol Grilling) to contact me. I am still moving so will only be checking mail periodically until this weekend when I am not putting in 14 hour days between the move and work.
