No one’s ignoring it – I jumped on it quickly last night and reviewed the site
for several hours. Two of us that are admins have looked and see nothing amiss
– our views of the website on desktop and mobile both are clean, and the
screenshots that have been shared, at least /I/ can’t replicate, even on my own
Android mobile devices.
Not discounting that we’re missing something, possibly… but I have a stronger
belief that certain mobile devices themselves may have been compromised rather
than the site, from what I see so far. I can’t speak for the other admins, but
the ID/password I use for NCrockets.org is entirely different from anywhere
else, and I have actually changed the password already, just as a precaution.
(KeePass for the win.)
From: ncrockets-bounce@xxxxxxxxxxxxx <ncrockets-bounce@xxxxxxxxxxxxx> On Behalf
Of Bradley Pearce
Sent: Tuesday, July 10, 2018 9:46 AM
To: ncrockets@xxxxxxxxxxxxx
Subject: [ncrockets] Re: Web site hack? Please check website
Hi.
I’ve only been to one launch and only lurk here. As someone who used to own and
operate a web hosting company, I strongly advise against ignoring the problem
because it might “make things worse”. They pretty much the absolute worse thing
you can do.
I would shut that server down now. Change all passwords and start a security
audit until the hole is found. It could be an issue outside of the server,
such as an admin using the same password as other services or an admin’s
personal computer compromised. Don’t ignore and hope for the best.
Best regards,
Bradley Pearce
On Jul 9, 2018, at 9:37 PM, Alan Whitmore <acwhit@xxxxxxxxx
<mailto:acwhit@xxxxxxxxx> > wrote:
Brian,
The site is only hacked for users of hand-held devices, maybe
only Android users. If you check in through a standard desk-top or lap-top,
everything is fine.
It would be nice to have it fixed, but how to proceed? If the
person who originally hacked the site were to wait several months for the
malodorous results of his or her villainy to stink the place up, and then come
in and offer to fix it, and in the process compromise the internet security of
every single person on this list, that would be a bad thing. What I and every
one else on this list would like to do is not make things worse than they
already are.
A
From: ncrockets-bounce@xxxxxxxxxxxxx <mailto:ncrockets-bounce@xxxxxxxxxxxxx>
<ncrockets-bounce@xxxxxxxxxxxxx <mailto:ncrockets-bounce@xxxxxxxxxxxxx> > On
Behalf Of Brian Higgins
Sent: Monday, July 09, 2018 8:43 PM
To: ncrockets@xxxxxxxxxxxxx <mailto:ncrockets@xxxxxxxxxxxxx>
Subject: [ncrockets] Web site hack? Please check website
Looks like the site fot hacked. Let me know I can help clean up if needed.
Brian