Previous forum exploit

Hello, I was instructed to post a thread here regarding an exploit that recently hit this forum (a few weeks ago I believe). I've tried contacting the webmaster (webmaster@aruino.cc) a couple weeks ago, but no reply as of yet.

I'm looking for information on solving this exploit, as I have a site that has the exact same symptoms. Completely random traffic2bitcoin redirects for users and a rogue google-analytics.ga script.

The thread I found about this was located here: https://forum.arduino.cc/index.php?topic=457799

I was looking for some advice on how to get rid of this completely. It's a vBulletin forum, and the google-analytics.ga script is not being added anywhere in the style templates. Any reply, private message or advice from a forum administrator (or anyone with knowledge about it) would be awesome.

You may be better asking on the forum section of the Arduino GIT.

That does get frequented a little more than this (ok a lot)

The most information we've received from the webmaster is found in this post-mortem: https://forum.arduino.cc/index.php?topic=468213.msg3221384#msg3221384

“I was instructed to post a thread here regarding an exploit that recently hit this forum”
You have one post.
Who are you.
Why were you instructed.
Maybe you are the person who caused the problem in the first place.

.

Thanks @ballscrewbo, I will have a look there.

@pert, unfortunately this is the very thread I found (and posted in the OP) when searching for help with this issue. Thanks though!

@LarryD |500x150

I wanted to keep this out of the public to avoid posts such as yours. However, as I stated already, I was unable to get in contact with an administrator through forms I could find publicly.

jacibo8's issue report on the arduino-forum issue tracker: https://github.com/arduino/forum-issues/issues/236

jacibo8: this is the very thread I found (and posted in the OP)

Wrong. The link you posted is to a completely different thread ("Redirected on login - Captcha / no Robot?" vs. "Warning - Porn links on Login"). Did you take the time to actually read the reply I linked to?

pert: jacibo8's issue report on the arduino-forum issue tracker: https://github.com/arduino/forum-issues/issues/236 Wrong. The link you posted is to a completely different thread ("Redirected on login - Captcha / no Robot?" vs. "Warning - Porn links on Login"). Did you take the time to actually read the reply I linked to?

Ah, yes you are correct. I simply made the mistake of thinking that Administrators post was in the thread I linked to. The thread I linked to was the one I copied from my messages with the moderator. Simple mistake of assuming on my part. Your thread was the actual one that I found when searching for similar issues.

Cool. I hope you are successful in solving your problem. I really don't understand the people who do these things. I'd rather scrape by earning an honest living than get rich causing problems for others.