This evening when I tried to log onto the Owners Site I was taken to a website called 'Drupal'. I tried my office computer and was able to lob onto the site to make this post, using Firefox only! When trying to logon using IE, I was taken to 'Drupal'. Anyone know what's going on?

I checked the spelling on the address bar to assure myself I was trying the correct website and found it to be correct.

I had the same problem getting in, went to google & got in through a old post.

I just log on but I use Firefox. I just tried IE and was able to log on also. Either the problem is fixed or I just don't have the problem.

The problem is still there.

If I click on my bookmark, which is http://www.trailmanorowners.com/forum/index.php
I get right onto the site. If I take off the /forum/index.php I find myself on "Drupal". Now that is weird, never had that happen before. This is happening both on IE and Firefox.

I first heard of this yesterday. I have alerted Chris, though I'm not sure that the problem is anything on this site.

According to Google, this is an attempt to distribute malware! Drupal itself is a legitimate site, but someone is using it for nefarious purposes.

Google "drupal malware" to get an idea of what is going on.

Do not respond to anything it asks you to do. In particular, take note of whether or not the fake site already has your UserName and Password field filled in!

This is not a browser issue (Firefox vs IE or whatever). This is not a TMO forum issue. It is an intentional hijacking, somewhere out in the Internet world!

THE DRUPAL PAGE THAT COMES UP IS A FAKE! IT DOESN'T LOOK ANYTHING LIKE THE REAL DRUPAL PAGE. DO NOT CLICK ANYTHING ON THIS FAKE DRUPAL PAGE!

Bill

Chris is working on this. When he has it solved, he will post the real info. In the meantime, I am not an internet IT guru, but let me tell you what I think is going on.

This is a malware attack. "Someone" is redirecting attempts to reach www.trailmanorowners.com - redirecting it to a fake website. Although Drupal is legitimate, the page where we are being taken is not the Drupal page. It is a fake page, created by someone for nefarious purposes. This action has happened to many websites recently. It is not limited to TMO, is not part of TMO, and it is not even particularly related to TMO.

If you Google "malware drupal", there are several pages about it.

Here is what I think is happening. When a web site asks you to log in, you fill in your username and password, and click "Login". When you click, the browser sends the info to the site. The first time you visit a site, the browser will offer to remember the info, and fill in the blanks automatically next time you visit the same site. This is a convenience feature - you don't have to remember the username and password yourself. You can accept or decline this offer - the choice is yours.

So far nothing new, right? I like this feature, and I use it on websites like TMO and other innocuous sites. I don't use it - no one should - on web sites like my bank or credit card accounts.

The purpose of this malware attack is to take advantage of the browser's willingness to memorize your password. In this case, when I try to go to TMO, it brings me to the fake website, where I am invited to sign up for Drupal. My browser doesn't realize that the redirect has happened - it still thinks we are at TMO - so when it sees the request for username and password, it happily fills in my TMO info, and waits for me to click "Login". Again, that's because I have told it to do this when I visit TMO. It is not a bug in the browser, and it is nothing having to do with the TMO forum. But if I had pressed "Login" on the fake Drupal site, my username and password would have been sent to the fake site, and whoever is out there would have recorded it.

One of the basic rules of the Internet is "don't click on anything you don't know". This is a classic example of why the rule exists. In my case, I didn't click, so the bad guys did not get a copy of my password.

So why would anyone care about getting my password for TMO? They don't. But unfortunately, most people use a single password for all the sites they log into. And if I had used the same password for access to my bank or credit card account, and if I had clicked "Login" ... Well, you see where this is going. My bank account would be empty this morning.

Another basic rule of the Internet. If you don't want to use a different password for every site (and most people don't), at least use a special password for financial sites. If your name is John and you want to use "John1234" for fun sites, that's OK. But pick something different (and harder to guess) for sites where a bad guy could really harm you.

I hope no one got hurt here.

Bill

I was wondering if anyone who has had this problem has identified any malware or bots on a full scan from their antivirus program, or more specifically from a malware protection site such as Spybot?

Just curious, I would think the malware would have to put some code locally to redirect, which is what these programs are looking for.

In case you have not heard of it, Spybot Search and Destroy (http://www.safer-networking.org/en/index.html)

Bill,

I know the "easy" password is the tempting way to go BUT---don't!
I had my facebook and fun email accounts hijacked by someone who figured out my password (same on both accounts). They then emailed all of my contacts saying I was traveling in Scotland and had been robbed at knifepoint. Asking for money to get back home, "I" responded to several of my friends and family (NOT)! Two, were seconds away from sending me money. I had no idea a seemingly harmless fun email site could cause this much anxiety.

Not only did they break the password, they changed it and responded to my mail! My mom wrote them that she hoped they'd rot in jail - gotta love Mom. It took a couple of weeks to get things back to normal and lots of headaches. I've never done financial work on the computer and never will.

Change your passwords! Use a combination of upper and lower case letters and numbers. Don't use the same ones for different accounts (try for something that reminds you of that site if you must). You can't be too careful.

Judy
2010 Trailmini
2007 Chevy Avalanche

Bill,

I know the "easy" password is the tempting way to go BUT---don't!
I had my facebook and fun email accounts hijacked by someone who figured out my password (same on both accounts). They then emailed all of my contacts saying I was traveling in Scotland and had been robbed at knifepoint. Asking for money to get back home, "I" responded to several of my friends and family (NOT)! Two, were seconds away from sending me money. I had no idea a seemingly harmless fun email site could cause this much anxiety.

Not only did they break the password, they changed it and responded to my mail! My mom wrote them that she hoped they'd rot in jail - gotta love Mom. It took a couple of weeks to get things back to normal and lots of headaches. I've never done financial work on the computer and never will.

Change your passwords! Use a combination of upper and lower case letters and numbers. Don't use the same ones for different accounts (try for something that reminds you of that site if you must). You can't be too careful.

Judy
2010 Trailmini
2007 Chevy Avalanche

I learned to play row, row, row your boat on a xylophone in 3rd grade by the numbers. 27 digits that I can type in very quickly. If you knew it was that song, it would not be difficult to find the numbers. But guessing a 27 digit number will take awhile. Drives my wife nuts.

Typically I just use part of it, with some characters on each end that are easy for me to remember, like the initials of various classmates.

I have to change my passwords at work every 90 days. Fortunately, I only have around 10 accounts to change.

CHRIS FIXED IT LAST NIGHT.

I don't know if we will post all the geeky details, but I had a note from him this morning, and everything seems to work as it should.

Thanks, Chris.

Bill

Anyone have any idea about getting of being logged into 'Drupal' when I try to access the TrailOwners website using Firefox? It is getting to be a pain to go around my elbow to get to the site. Anyone else still having this problem? If not and you used to, how did you get rid of Drupal?

Thanks

I use Firefox here with no problems. You might try clearing your Firefox cache --> Tools/options/advanced-network tab -->Clear Now --> restart Firefox. This has fixed many weird problems that i have had in the past with Firefox.

Tim

Thanks! I did just as you suggested and it worked like a charm!

I use firefox also but it set to clear everything on shut down, closure of the browser. I also run Advanced Uninstaller Pro, quick clean utility on shutting down the computer to cleanup all the other bits and pieces of stuff left over.