>From our side this hack appears to have been inserted yesterday during the >Superbowl. The offending IP seems to have come from China. It got three of our >sites on different servers. Only sites with an application.cfm file were hit. >Sites using application.cfc were untouched.
Robert Harrison Director of Interactive Services Austin & Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_williams -----Original Message----- From: Robert Harrison [mailto:[email protected]] Sent: Monday, February 04, 2013 9:49 AM To: cf-talk Subject: RE: Possible Hack? Checking, all of the sites we have that use an application.cfm file appear to have gotten this hack. The newer sites that use the application.cfc file appear to be untouched. We had at least three servers hit with this. Robert Harrison Director of Interactive Services Austin & Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_williams -----Original Message----- From: Robert Harrison [mailto:[email protected]] Sent: Monday, February 04, 2013 9:38 AM To: cf-talk Subject: RE: Possible Hack? We got hit with that exact hack on Sunday, and we have all patches and updates installed up to date. Robert Harrison Director of Interactive Services Austin & Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_williams -----Original Message----- From: Mike K [mailto:[email protected]] Sent: Sunday, February 03, 2013 8:10 PM To: cf-talk Subject: Re: Possible Hack? I have had this same code added to one of my sites too. (I'm checking now to see if it's just one) Did you find out yet where the access point was to modify your code? Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion 9 Enterprise, PHP, ASP, ASP.NET hosting from AUD$15/month ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354265 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
