Afternoon,
After rebuilding the entire site from SVN and removing the offending code. This site is back online. Please let me know if you are still experiencing any issues with the site.
How it happened – As mentioned before one of the admin accounts was compromised. The attacker then created a new Block into the website. Blocks allow content to be inserted into the theme template files. The block contained an iframe that took the user offsite.
I believe that this problem has been remedied. I will be monitoring the site closely for the next week to ensure that this issue is fixed.
Thanks for your patience with this matter while I was out of office.
All,
Just so everyone knows we have taken EPIC offline. We have discovered that an intruder has injected malware into the site and is potentially infecting IE users. Matt is in the processes of scanning the site looking for malicious code. He will bring the site up only after he is convinced the problem has been erased.
FYI, we believe the intruder gained access by to EPIC using the username and password of an admin account. Once they were logged on they were able to inject the code and also send spam messages to registered users.
We have sent an e-mail to all registered users and we will put a notice on EPIC.
Fyi, Nathan is out this week on vacation. Matt is helping out with the technical side. I am actually leaving tomorrow morning for vacation. Please include Matt, Nathan and Denis on any communications.
Ian
Ian Skerrett
Director of Marketing
Eclipse Foundation
613-224-9461 ext. 227
blog: ianskerrett.wordpress.com