< ! --Digital window verification 001 -->

NikonRumors.com is clean

The malware that was present on NikonRumors was removed yesterday and the site is now clean. It can take Google up to 24hr to remove their black listing for nikonrumors.com. Here are  the results from sucuri.net - everyone has a clean listing for nikonrumors.com except Google:

Sorry for the inconvenience.

You can aways get RSS updates without visiting the site.

This entry was posted in Other Nikon stuff. Bookmark the permalink. Trackbacks are closed, but you can post a comment.
  • http://www.adelieland.eu/ Diti

    Uh… What happened?

    • Rainbow

      I visited NikonRumors yesterday(~GMT 12:10, Aug. 26), and got a warning message from Norton AntiVirus.
      According to Norton, this type of malware is “HTTP Phoenix Toolkit Java Class Activity”
      (http://www.symantec.com/business/security_respo…)

      The IP address of attacker is 79.135.152.219

      OS: Windows Vista
      Browser: Chrome(Google)

  • The invisible man

    What ? NR is now clean ?
    That was the only dirty website my wife allowed me to visit !
    :o

  • Sam

    I don’t think it is clean. I just received multiple attempted downloads after coming on and then the same when I clicked on this thread.

    • snorri

      Same here, I’m afraid. On visiting the page, a Java window opened without telling me what it was doing. Which was stupid of me, since I received a warning when visiting nikonrumors a few hours earlier from my work computer, which has a virus scanner that blocked the intruder. Needless to say, on this machine, the antivirus software expired a few days ago.

      So I guess my computer is infected now … great >:-(

  • Global

    Wrong! Not sufficiently fixed.
    I can’t even enter this site –RIGHT NOW– without clicking “proceed anyway”

    four.marjoriereedpaintings.net
    crocro.biz/
    AS31815 (MEDIATEMPLE)

    Please note the following messages I keep getting –RIGHT NOW–:

    GOOGLE is warning people not to use NikonRumors

    This is the page I get when trying to enter:

    Warning: Visiting this site may harm your computer!
    The website at nikonrumors.com appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that hosts malware can infect your computer.
    For detailed information about the problems with this site, visit the Google Safe Browsing diagnostic page for nikonrumors.com.
    Learn more about how to protect yourself from harmful software online.

    If I click their safe browsing link, it tells me this:

    Safe Browsing
    Diagnostic page for nikonrumors.com

    What is the current listing status for nikonrumors.com?
    Site is listed as suspicious – visiting this web site may harm your computer.

    What happened when Google visited this site?
    Of the 47 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-26, and the last time suspicious content was found on this site was on 2010-08-26.
    Malicious software is hosted on 1 domain(s), including crocro.biz/.

    This site was hosted on 1 network(s) including AS31815 (MEDIATEMPLE)

    Later, it tells me this one:

    Warning: Visiting this site may harm your computer!
    The website at nikonrumors.com contains elements from the site four.marjoriereedpaintings.net, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

    • o rly

      Reading & comprehension fail:
      “It can take Google up to 24hr to update their black listing for nikonrumors.com.”

    • http://nikonrumors.com/ [NR] admin

      yes, it will take Google some time to remove the warning, I submitted a request already earlier today. Not much I can do. I will not post anything else until I am sure this is fixed.

      • iamlucky13

        For those who are using Firefox (is it even an issue with other browsers?) and wish to, you can disable the warning message by going to

        Tools > Options > Security and unchecking “Block reported attack sites.”

        This will also allow your browser to download the stylesheet, which normally happens in the background and doesn’t happen after ignoring the default prompt.

        This is not without risk, and it would probably be best to go back and recheck this box after you finish your visit here.

        • Nick Kahn

          I did just that with Firefox and still got the same level of alert messages, to the point where even if I got to the front page, I could not get into topic threads.

  • Global

    Not sufficiently fixed.
    I can’t even enter this site –RIGHT NOW– without clicking “proceed anyway”
    These additional sites are causing problems:

    four.marjoriereedpaintings.net
    crocro.biz/
    AS31815 (MEDIATEMPLE)

    Please note the following messages I keep getting –RIGHT NOW–:

    GOOGLE is warning people not to use NikonRumors

    This is the page I get when trying to enter:

    Warning: Visiting this site may harm your computer!
    The website at nikonrumors.com appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that hosts malware can infect your computer.
    For detailed information about the problems with this site, visit the Google Safe Browsing diagnostic page for nikonrumors.com.
    Learn more about how to protect yourself from harmful software online.

    If I click their safe browsing link, it tells me this:

    Safe Browsing
    Diagnostic page for nikonrumors.com

    What is the current listing status for nikonrumors.com?
    Site is listed as suspicious – visiting this web site may harm your computer.

    What happened when Google visited this site?
    Of the 47 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-26, and the last time suspicious content was found on this site was on 2010-08-26.
    Malicious software is hosted on 1 domain(s), including crocro.biz/.

    This site was hosted on 1 network(s) including AS31815 (MEDIATEMPLE)

    Later, it tells me this one:

    Warning: Visiting this site may harm your computer!
    The website at nikonrumors.com contains elements from the site four.marjoriereedpaintings.net, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

  • robA

    Any word on what we should look for to see if we’re infected?

    Bummer, admin.

    • The invisible man

      @robA
      I had this problem:
      Wanted to rename or delete a file (pictures) and an other file was deleted.
      It was about a month ago.
      I did a security upgrade on Windows website (XP) and since my computer is fine.

  • robA

    nikonrumors.com sucks!

    I’m switching to canonrumors.com

    (jk, admin – love this site).

    • Global

      Good one. =P

      Aw, poor admin. This site has a 70-200VRII defect suddenly. Wounded slightly, but still very valuable. ;-)

      Keep doing a good job.

  • http://www.jesusenguatemala.com William Santos

    Maybe Google is Canonista :-p

  • mrk

    gosh, I haven’t even noticed… using Firefox+NoScript [plugin which allows you to customise javascript behaviour on selected sites]

  • zseso

    Still not safe: a trojan was detected, ‘all.pdf’ was named by ESET Smart Security.
    Take care, admin! Come over my server, I can offer you a free hosting service, if you think.

  • Adam

    Not clean here. Eset Nod32 is blocking malware download attempts for me too.

  • Sean

    Came to this site this morning & AVG caught the infection on my machine, but didn’t necessarily prevent it… it was some url with an IP address followed by /a/index.php.

    But then my Chrome crashed, and a chrome error dialog (which turned into a windows system dialog) came up which required about 30 clicks to dismiss. I restarted Chrome, same dialog was there, crashing Chrome. All this, and still no final rumors on d7000!?!? ;-( FML

  • Adam

    Reloaded and no more messages here. Maybe Eset Nod32 was reacting to somthing in my cache? I’m on IE as firefox is still blocking the site.

    Time to start pointing fingers. I think Olympus is behind the virus attack. They’re tired of Nikon and Canon getting all the rumors ;)

  • Jay

    Hehe switch to Mac guys, fun and clean here.

    • Anonymous,

      Switch to LINUX, guys, fun clean AND free (as in freedom) here

      • http://nikonrumors.com/ [NR] admin

        the grid server is running on Linux

        • http://www.miguev.net/ miguev

          I suspect he meant everybody else (than NR) to switch to Linux, on their PCs.

          I second the recommendation, been virus free about 10 years :)

          No kidding, we added dual boot (Windows & Linux) in all PCs at college (Mathematics faculty) and removed Internet access from Windows OS. After 4 years without a single virus/malware related accident, a few days after I left, someone decided to give Internet access to Windows PCs… guess how much they lasted, even with current antivirus :P

          So, yes, get some easy Linux (e.g. Ubuntu 10.04) and start by having dual-boot on your PC. Like manual focus, it’ll take some practice but you’ll be glad to have it once you get used to it ;-)

          • http://bit.ly/9NIXQ David Hasselblaff

            If you think running Linux alone protects you from most malware you are right and wrong at the same time. Most Flash and JavaScript hacks are targeted at MS Winblows, of course.

      • The invisible man

        Switch to Sinclair BASIC !
        Safier operating system ever !
        :o

        • Jose

          Care to pass me the TCP/IP stack code for my 1K ZX81?

        • eric

          Secure Solaris is the safest you can get without working for the NSA.

          My Mac warned me it was dangerous. But I know for a fact that such malware isn’t a threat. So I’m not worried for me, but all my Windows friends I was worried about.

          Gotta stop visiting those Canon sites admin! :-D

  • Texasjoe

    Nothing happened to my Mac. Oh yeah. It’s a Mac.

    • CK

      Agreed :) No problems on my iMac, iPad or iPhone :)

      • Global

        Why would useless paperweights have a problem?

        • snafu2010

          Trolling like a canon user :)

    • iamlucky13

      Be careful about getting too comfortable with security as a result of obscurity. Only a small proportion of malware is targeted at Mac or Linux systems, but it does exist.

      • Entwickler

        After the PDF security hole in iOS… neither the iPad, nor iPhone nor iPod Touch were safe for two weeks or so… and only God knows, when we will see the first iPhone (or Android) virus, but we will see it some day.
        I’m running my Mac with antivirus software, and cross my fingers that it can protect me :-}

      • snafu2010

        <<Be careful about getting too comfortable with security as a result of obscurity

        I know it's a well warmed warning but can you blame mac users for being so proud? We haven't had to deal with serious virus/malware for the last 9 years. It's rare you'll find a serious security issue on OS X without having the user typing in their admin password.

        You can't say the same for Windows users, just take a look at all the available malware and virus scanners. When the Mac falls victim to malware/virus at the PC level, I'm packing and moving to the next available option, Ubuntu. When that fails, GoogleOS should hopefully be up and running.

      • Jose

        +1

        For all who believe OS X is malware-proof, check this:
        http://news.cnet.com/8301-27080_3-10444561-245.html

        • eric

          Those experts are full of it.

          Facts: There are zero viruses for Macs. Period. There are a few pieces of Malware that can harm the computer IF the user types in the administrator password when the malware tries to access the system.

          There are some browser vulnerabilities, as well those in Acrobat and Flash. But those are only harmful if you, again, type in your administrator password.

          If you’re a Mac user, your main vulnerability is social engineering, not malware of viruses. There are a few theoretical browser vectors, but nobody has shown a single compromised computer in the wild to date.

          Doesn’t mean we shouldn’t be vigilant, or that there isn’t always a threat just around the corner about to become real. But to date, we are safer than other computer users except a special version of Solaris, Net BSD and some other even more super-secret OSs in intelligence and security circles.

          • Jose

            Try:
            http://lmgtfy.com/?q=mac+os+x+viruses
            and be awed at the 0 (zero, zip, nil, nada, zed…) hits ;-)

          • Jabs

            @eric.
            All Operating Systems are subject to virus/trojans and malware. What happens after it gets infected is what you probably are referring to.
            Since Mac OS-X is based upon Linux or FreeBDS, then the Administrative account or ROOT is not exposed like Windows.
            Therefore often when you get infected at the OS level, a simple reboot gets rid of it.
            Apple has recently included Clam-Win Anti Virus as a part of Snow Leopard and since Clam-Win does not do real-time scanning, then moot point as you have to manually scan it to find anything plus update the virus/malware signatures or maybe Apple has an auto-update feature already set to update.
            However, malware/Java Script exploits, etc., can attack the PROGRAMS on any computer including Macs or Apple would not have updated Safari and a host of other KNOWN vulnerabilities.
            It is now an ‘URBAN legend’ that Macs are not susceptible to virus/trojans or malware because ROOT is not exposed. Ever heard of elevated privileges brought about by hackers/virus/malware writers?
            Widows exposes its’ equivalent of ‘ROOT’ (though now less so in Win7-Server 2008R2) while Macs like Linux/Unix hide or isolate you from it and thus safer but not immune as malware/virus, etc., can hide or reside in memory or even your hard drive boot sector.
            Windows gets infected via BOTH the Operating System and its’ installed programs while Mac rarely gets infected via the Operating System but does get infected by the installed Programs such as the Adobe Suites, Flash, Adobe Reader, Safari, Firefox, Lightroom – thus they UPDATE them a lot now.

            I use Windows, Linux and Macs too bud!

        • snafu2010

          Go find a mac user and ask them when’s the last time they had spyware or a virus on their system. Ask them if they ever ran malware or a virus scanner, chances are majority have never done it. One of these days the hackers will arrive no doubt but we’ve been riding a quiet platform for many years.

          For windows, it’s only been 1 year with Windows 7 release. Win7 was an excellent release, rock solid.What’s your excuse for the last 15+ years of insecurity? fumbling with cleaning the registry? scanning for bots? hurrying to update the latest virus library? Don’t even get me started with IE, you can thank Firefox and WebKit for saving your asses while browsing the internet.

          • Jose

            I wonder how a OS X user that does not regularly use anti-malware software knows if it has a keylogger, or a trojan, or something of the sort. Will he/she passively wait until a crook steal his/her identity?

            Now, one of the key points of the article was that anti-malware vendor recognized the more structured/managed approach of Microsoft to security when compared to Apple. Also was pointed out that Mac OS X had (at the time of interview) more published vulnerabilities per user than Windows. The only advantage they give to Mac OS X is the very small user base that does not make an attack as attractive.

            BTW, I’ve been dealing with personal computers for 27 years and didn’t have to wait for Win95 and IE to get the MBR and FAT trashed by a virus. Malware is a fact of life and you can choose to ignore it as long as you prepare for the consequences.

          • Jabs

            @snafu2010.
            How are you?
            Here is a wake up call for you – Just about ALL versions of Windows now has a DLL bug that renders many Programs and the Operating System vulnerable to attacks and Microsoft has a temporary Fix but not a solution yet, as it is part of HOW the Operating System works.
            People in IT are freaking out.
            Win 7 is OK!
            Slower/resource hog but OK as I also use Win7 Ultimate 64 bit and 32 bit. Better than Vista (lol) and a little faster but much more solid, as you say. Love Win7 but also additionally use XP Pro, as it is way faster for some things that I do.

            • Snafu2010

              Are you talking about dll hijacking that was posted on Ars the other day?

              I saw it and thought, glad I don’t have to worry about it at home. I run OS X boxes at home, (little snitch and data is encrypted along with off site backups).

              At work is a different story, I have XP, Vista 32/64, Win7 Ultimate, Win Server 2003. All my machines are imaged so if hacker comes attacking, worst case scenario is to re-image with updated patch. And if I still dont want to ticker with it, I’ll assign someone to fix it. I will get pissed if they attack 2003 machines, that has SQL Server and Exchange setup. Last thing I want to do is rebuild.

              As we’re veering off Nikon topics. I still stand by my preferences, I work on OS X and Windows all day, at home, I’m always on my Mac.

              From my experience in computers (since TI-99/4A) days and building labs for MSFT and AAPL, I’ve only had serious security issues with Windows. Just sayin ;).

            • Jabs

              @Snafu2010.
              Yeah, I agree with you as I too use all that you use, but I prefer Ubuntu Studio 64bit RT kernel, as it is faster than OS-X to me. I use VM’s but I have not seen or know of a way to run OS-X on VM’s within say Linux or Windows.
              My favorite Windows Operating System is Win2003 Server, as it literally flies compared to anything besides Win2000.
              Yeah – been a computer user since C-64, C-128, Amiga 1000 to 3000/4000 days.
              I like Win7 and XP but not Vista.
              Nikon reminds me of a professional computer Operating System with Open GL, so hence my reflection on that here.
              The Amiga was my favorite computer and I still have a few – LOL.
              A1000
              A3000T 040 – shhhh!
              A3000UX
              a bunch of A2000 and A2500 – somewhere.
              Yeah – I was referring to the DLL click/hijacking issue. Microsoft has a slew of temp. fixes for it. See http://www.computerworld.com for links to Microsoft fixes for all of their OS’s.
              We need to discuss these issues, as many photographers are suffering from them.
              Thanks for your input.

  • Martin

    Still not fixed, I agree to that.

    Something on your start page made my browser download a pdf “b557cd” from here:
    qefoma.com:8080/u24/c4a21dcbdaecbd014e31635f0b2ff002.php?showuser=30085732&showforum=yy
    This will not get fixed by blacklist updates.

    (Similar to what I reported today on that other thread. I can’t load that other thread,
    nikonrumors.com/2010/08/25/nikon-patents-update.aspx#comments
    cause it is still blocked.)

    My guess would still be the ads. Turn them off temporarily and activate them separately on some test page. Maybe that hurts revenue, but leaving malware where it is will hurt revenue significantly more.

    @Jay: MacOS may not save you from a malicious pdf.

    Anyway, I avoid this site the next couple of days. Much less hassle than having an infected pc. News will turn up at other sites fast enough for me.

    You should get that really fixed, Admin.

    • http://nikonrumors.com/ [NR] admin

      the site was scanned again today around noon (just 3 hours ago) and nothing was detected – you were probably accessing old cached pages, give it few more hours

      • Joe R.

        Admin,

        I’m curious, and abut worried that this happened. How is it this occured? Are you serving blind ads? Maybe a more reputable ad agency is needed.

        • http://nikonrumors.com/ [NR] admin

          Cannot be the ad agency – I am using the same agency as Macrumors (NetShelter)

      • Martin

        [NR] admin, no local caching, since then, the pdf download would have not started the first time, but only when the malicious code came from cache, which is not likely.

        Further I cleared browser cache before giving it a 2nd try without change.

        But some caching proxy may well have been present.

        Anyway, good to see you care.

  • Benk

    I haven’t had any problems visiting the site in the last few days (and I check the site several times a day). How do I know if I need to worry about this malware? No strange popups came up and nothing out of the ordinary happened at all. Using IE on Windows 7 with all the latest updates for everything.

  • Joe D

    Viruses and malware etc. don’t scare me.

    “I like to live dangerously.”
    - Number Two

  • Anonymous

    I think Nikon planted this malware because it is too slow, stuck at 12mp, and to scare away people. It is like an old jedi mindtrick, you know when the jedi is telling you that 12mp is enough and you answer with yes. That’s exactly how this nasty malware was planted here.

  • http://www.mccrearyrealty.com HomeRentalPro

    Still not vixed for me. The good news for me is that my AVG blocked the malware, but still lets me see the site.
    Good luck getting it off the servers!

  • camaman

    Nikon is trying to prevent leaks of D95/D7000

    That 0r Canon fanboyz are angry because of the lackluster 60D was born to be…

    LOL!

  • Andre

    Cache is all cleared here and AVG says the site is still dirty.

  • JD

    What was the issue? phpmyadmin/database leak on the server?

  • todi

    Oh nikon rumors is down, nikon is probably making announcement tonight…

  • Monty

    How did this happen, Admin?

  • Abhinav

    @Admin : was nikonrumour hacked ? I got worried when java opened as it never happened while browsing NR .

  • http://nikonrumors.com/ [NR] admin

    I am not sure how the malware got on nikonrumors.com, but this type of attacks were described as typical for my host, which means that I will be moving to a new hosting company next week. I am taking this very seriously and will not take any chances. I already found a good dedicated server package, I have to go through the paper work and I will be ready to go. NikonRumors.com may be down again for few hours next week until I transfer everything over. I will let you know in advance.

    • Ronald

      Well…..good luck with it!!!

      • Joe R.

        +1

    • lolcatmaster FTW

      More than your host you should be taking a good look at your blogging software, the problem is that these attacks are due to holes in the software (like Zack Arias with the erectile disfunction medication in the metadata of the site)… One of the advantages of blogger is that this kind of stuff never happens.

    • Abhinav

      ok ..:) thats nice:)

      also seems like google has cleared it :) now blog is functioning properly again :)

    • JD

      “but this type of attacks were described as typical for my host”

      ^ Then I can tell you, that it is in 9 cases out of 10 a leak with the database server or with the phpmyadmin database administration.
      Which in other words mean, as a client using shared hosting, there’s no way of protecting yourself against it. The hosting company should keep things up to date and as secure as possible. Phpmyadmin interfaces are known to get hacked with malware/spam injections quite frequently.

      A dedicated server hosting will help you against this, especially if you run the database so it’s only accessible from localhost ports & sockets.

      Good luck :)

      • http://nikonrumors.com/ [NR] admin

        yes, the grid server was useful because it could handle any type of traffic where a normal dedicated server would probably crash. I am not moving to a dedicated server and will probably move the database to a separate dedicated server – must see how it will go.

    • http://dahlfors.net JD

      Oh, and as an extra security measurement: Protect the wp-admin folder, php-myadmin folder access and similar private admin interfaces with extra protection in the form of Apache .htaccess passwords.

      That will protect you against the majority of automated attacks looking for vulnerabilities at these admin interfaces (on most servers, you can see hundreds of these automated attacks in the logs – EVERY day).

      The apache .htaccess protection MIGHT protect against known security issues in wordpress as well, although you can’t take that for granted.

  • http://nikonrumors.com/ [NR] admin

    I am basically now waiting for Google bots to scan NR again and lift the security alert.

    • Global

      Can you make sure its not one of your Advertisers? DeviantArt is INFAMOUS for its flash advertisements having had tons of viruses left and right. It depended on the individual advertiser and their attempt to gain detailed information at the user base.

      • http://nikonrumors.com/ [NR] admin

        My only scripts from advertisers are Google and Amazon, I think they are safe – everything else is just a hyperlinked image without any script behind it.

  • Sven

    It was NR Admin himself who placed some malware on his website.
    Because, he wants to check every computer who visits NR if the person has more info that is not publiced yet.
    If the sources remain silent he may even hack intro the Nikon network ,just to keep us posted, isnt that nice ?:D

    • Global

      Are you high?

      Admin does a good job.

      • Joe D

        Are you high? If so, not on weed. He was just joking.

  • Gordon

    Can you please post more information about the malware attack, such as the time/date it was first found and the name of the malware? My work PC seems fine but I will have to scan my home PC.

  • hah

    so did the malware steal our registration info with NR? should we be changing passwords etc?

    • http://nikonrumors.com/ [NR] admin

      no, I do not believe any passwords were compromised – the blog doesn’t require any passwords and the forum was not infected by the malware

  • http://nikonrumors.com/ [NR] admin

    I am getting this dedicated server and it should also improve the performance of the blog:

    Dual QuadCore Intel Processor
    4 GIG RAM
    2×500 SATA RAID 1
    15 Mbps bandwidth
    Debian Linux

    In addition, I have someone working on optimizing the whole site. I will try to get everything done before the next announcement.

    • FakeKenRockwell

      @admin, I’d recommend Contegix for hosting, let me know if i’d like a referral.

      • http://nikonrumors.com/ [NR] admin

        thanks, I am going with Nationalnet

    • benS

      just 2 x 500 SATA RAID 1 ??? Go for SAS disks then do RAID 5 or better yet do RAID 10 :)

      • http://nikonrumors.com/ [NR] admin

        All NR images are 100MB, the database is another 20MB – I do not need more storage, there are external backups as well. Of course I can always add more if needed.

        • benS

          oh. I meant SAS disks are faster than SATA 2 disks :)

    • Jabs

      Hey Administrator,
      You don’t have enough memory – try at least 8 gigs.
      You probably need at least three hard drives. Two 500 gigs and one 1-2 terabyte drive for backup/quick restore or you can put each PART of the site on its’ own dedicated hard drive and then back it up separately.

      Actually, your approach is what is wrong.

      You should be using VM’s within Linux and then you have two layers of protection (the actual Operating System and the VM or virtual machine housing its’ own Operating system).
      Each part of your site would be run on a VM (Virtual Machine) and thus isolated from everything. Now, when something goes down, you re-BOOT the VM and not your whole server.
      Look at http://www.virtualbox.org/

      Then ask or hire someone who knows how to set up a server, VM’s and Database systems.
      You might also need a more robust RAID setup with redundancy too.
      It is NOT the hosting company that perhaps is at fault, as the attacks were against KNOWN flaws in Browsers/Java Scripts and Windows.

      I’ll send you my Consultation bill virtually too – LOL!

      • http://nikonrumors.com/ [NR] admin

        Jabs, I will make upgrades if needed – I need to start using the new server first and see how it handles the load. Most of the components are hot-swappable and can be upgraded without visible interruption. I may need to get a second server for the database because I of the amount of queries the blog is generating. Again, I have to start first and get some feedback. I now have managed hosting, which means that I will have somebody available to help me out when I need to upgrade/make changes. I was limited with my current host – it was a grid setup, which was good to a point because it could handle any traffic. I may be moving everything over on Monday or Tuesday.

        • Jabs

          @Administrator,
          The approach that I was talking about but did not know if you would understand it, was one where you have the Administrative parts on a Server that you control and the rest in the ‘Cloud’ for quick expandability when demand exceeds a certain pre-determined capacity.
          You use VM’s in the area YOU control and then also ask the ‘Cloud’ operator to set up VM’s plus you backup everything in Redundant arrays or whatever way, such as VM images and then if something goes awry, you reboot the VM’s and not the whole Server(s).
          Almost all of the Cloud Services use VM’s and then if infected, they simply REBOOT and in a few seconds, infection is GONE and you are back online. Isolation is the real strength as YOUR ADS or people Home Page links is probably where the problem came from.
          You are cutting off your nose to spite your face – as you NEED the Cloud Services and then you Administrate the section that needs constant attention on YOUR OWN Server which points to the Cloud. Now, all you have to worry about is what you use to link to the Cloud (no IPhones – lol – for example wen on vacation) and how secure are your Passwords and the connections that you use. The Server that you speak of cannot handle much and thus even more problems, if a surge of demand comes suddenly. Google and Facebook have similar problems and thus why Google banned IE6 from use by their WORKERS.
          It is NOT what software that you use but it is HOW you isolate PARTS of your web site that precludes attack or allows you to quickly come back from one – right now, you are wide open especially since you are telling us here what you USE and how – lol!
          Database in the Cloud (quick expandability per demand) – CONTROL and Administration on YOUR Server and a secure LINK to them plus redundancy, perhaps!
          VM’s and isolation from each other = KEY.
          Stuff happens no matter what you do, so a quick reboot solves much!
          Next:
          If you are hosting your site on your own, then you need Intel Xeon’s or AMD Opterons and not consumer chips no matter how fast they are. Go to http://www.tyan.com or just get a small RACK MOUNT Server with 2 quad core Xeons or even 2 hexa (6) core Opteron server processors – the Rack mount servers start at about $2,000 US or less and go up according to the memory that you install. It sounds like you are going that route as you mentioned HOT SWAPPABLE components. Rack Mount (the company – google them as I think they changed their name) and others have custom Server and Hosting solutions, so look there perhaps as the Hardware based Companies know how to do things better in the Commercial space – when you traffic really gets heavy.
          2 quad core processors = 8 cores
          2 hexa core processors = 12 cores
          YOU do not need processor SPEED as much but you need scalability from the 64bit processor and even 64bit Database, 64bit VM’s and a 64bit Operating System (Linux), as in an ability to react to sudden surges – the opposite of consumer processors. I would use Red Hat or OpenSuse – look here: http://distrowatch.com/

          Send my check in the mail – lol!
          - OR – send me a D3100 and/or a D3S … lol!
          Adios!

          • http://nikonrumors.com/ [NR] admin

            Jabs, the solution you proposed is too complicated for me – I am not sure I can handle it:) This is why I went for managed hosting, to get help when I needed. Maybe in the future I can consider your suggestion. Thanks!

  • BenS

    damn ! this is the first time i saw this happen to my beloved nikon rumors. It only means one thing, nikon rumors is very popular :) Someone out there is not happy.

    Btw did nikon rumors leak tons of highly classified photos taken by coalition forces using D3X and D3S or possibly D4 cameras in Iraq or Afghanistan :) :) :) joke only.

    Anyways, ya go find a better company to host nikon rumors :) Keep up the good work ADMIN !!!

    • http://nikonrumors.com/ [NR] admin

      Thanks, in a way this is a good thing, I do need to move to a faster server and now I have a reason – in the past 30 days NR got 3,414,800 pageviews from 602,631 absolute unique visitors! No wonder everything is running slow.

      • Enesunkie

        I predict that in the days leading up to September 15th, that those numbers will go up significantly! It had been a long time since Nikon announced a new DSLR, but if a D3100 stirred up that much interest, I can’t image the numbers of people looking for a glimpse of the D7000!

        Oh and while we’re on the subject of cameras again :) , there are a lot of sad faces over in the Canon camp. The 60D isn’t the camera that a lot of Canon owners were waiting for. A lot of “I’m switching to Nikon” going on.

      • Joe D

        That’s a lot of money I mean visitors!

    • Anonymous

      “Someone out there is not happy.” – IT IS ME!

  • Merv

    Looks like it is working fine now, nice work

    But surely these guys who did this malware thing on nikonrumors would have thought of a better target? I imagine most who come to this site do have some know-how on computer software and security

    Malware for instant messaging on mobile phones would be far more “effective”

    • http://nikonrumors.com/ [NR] admin

      Merv, I do not think this was a targeted attack – I think those type of malwares jump from site to site. It is interesting that leicarumors and photorumors did not get infected, even though there are hosted with the same company.

      • Joe R.

        yet.

  • Ren Kockwell

    You rule. Thanks for keeping us informed. I know maintaining a site is far from easy. A pox upon the hackers!

  • http://www.nikonblog.net Paul Vachier

    The problem is you are using WordPress which is full of security holes that hackers can exploit. You need to be very diligent about installing the latest security updates from WordPress to help prevent this but it will always be a cat and mouse game…

    Good luck!

  • http://www.bernardovaghi.com.br Bernardo Vaghi

    If the D90 replacement doesn´t have full manual video controls, i will cry like a baby.

  • http://www.fotopratica.it/ Fotopratica

    Hi guys, thanks for informations, have a nice work now…

  • dgm

    A rather sure way to be safe whilst browsing, even on windows;

    On your machine setup Virtualbox (it is free); inside virtualbox set up a guest windows (we all have old windows licences lying around) or even better Linux (which is free).

    Once that’s done make backup copy of your virtual machine for later; Only access Internet from the guest VM, never the host machine. If the guest ever gets badly infected, just overwrite it with your backup VM, job done, usually in under 5′ and your host machine with your precious files will never be destroyed.

    You can even sanitize all your emails via the guest machine, saving to the host only those files which are safe.

    Just my €0.02

    Didier

  • jeb bush

    my Firefox is still blocking this page, saying it’s a reported attack site.

    • Ren Kockwell

      That’s because it realizes you’re George Bush’s brother.

  • Nikon D7000

    Good news! NikonRumors.com is clean! It’s mean, it can start to give us more rumors, specs and spy shots about Nikon D7000! So, I’m ready and I’m waiting! :)

  • http://mig.hyper.fi/ Mikael Willberg

    Mmm, I find it still a bit unclear what happened.

    Was the downloading code/script inserted to wordpress templates / plugins / database ?
    Or was the script originating from some external source as ad-publisher ?

  • http://www.nikonblog.net Paul Vachier

    Tips to make WordPress more secure:

    http://codex.wordpress.org/Hardening_WordPress

  • 2cents

    I just pulled up the site this morning and got a pop-up that said:

    “These are not the cameras you are looking for…”

  • Back to top