Sorry about that Options

[Somey]

As many of you know, each year around this time, we like to have a little "technical crisis" which usually involves the board being down for anywhere from a day to a week. We like to think of it as our "little annual vacation."

In this case, the entire site was victimized by a rather malicious "hack" that took advantage of a vulnerability in our WordPress blog, which I, your friendly neighborhood Somey, had failed to upgrade to the latest (less vulnerable) version. I can make the usual excuses, like "it's not my full-time job," and "these WordPress upgrades are always dicey anyway," and "I forgot we actually had a WordPress blog," among many, many others. But for my own limited role in this particular incident, I humbly apologize.

We'll be reinstalling the newer, more fabulous version of WordPress here within the next 48 hours or so, but until then the blog will have to remain inaccessible, I'm afraid.

Finally, there's the question of viruses, trojans, and other malware. We don't believe the hacked pages here on Wikipedia Review were coded to deliver any actual viruses, but we unfortunately can't honestly assure visitors that if the pages in question managed to redirect them to other sites, that those sites wouldn't have attempted to do such terrible, horrible things. This doesn't seem to have happened to anyone we know of, but nevertheless, now might be a good time to ensure that your antivirus software is working and up-to-date! (And maybe do a scan too, just to make sure.)

You can never be too careful!

[Somey]

OK, I take that last part back - apparently the main index.php file, and only that file, was encoded to try and load an ActiveX control known as "JS_DLOADER," which (if allowed to run) would then handle the redirection to other websites, if not attempt to download stuff from them directly. That particular file was removed from circulation as soon as we could manage it, but I'm afraid it had been in place for nearly 7 hours by then.

But in a sense, the first pare of that is actually good news, because it not only explains the fact that Firefox users weren't affected, but also why many (if not most) IE users weren't affected. Most IE users these days don't allow ActiveX controls to be loaded and run without at least prompting the user first, even if (or rather, particularly if) an anti-virus program isn't installed.

Nevertheless, if your security settings are, shall we say, unusually optimistic, then you might want to search your computer for a recently dated file, most likely named "JS_DLOADER.DAT" or something similar (and be careful not to delete anything important, like your JScript Runtime Environment files).

Again, most (if not all) up-to-date anti-virus programs would have caught this and prevented it, but just in case, here's a page on the "Typical Virus Removal Procedure" from the Spyware and Malware Removal blog:

http://spyware-malware-removal.blogspot.co...-procedure.html

Last but not least, this sort of "mass SQL injection" exploit seems to be all the rage lately in the 1337 H@xx0R!!11 community, and has apparently been used to mess with thousands upon thousands of websites all over the world. So, it's with considerable regret that I'm forced to conclude that this was not a Wikipedia-inspired conspiracy or elaborate revenge plan. Not that I would have assumed anything like that, mind you.