Chronoforms website Hacked
Moderator: JED Team
-
- Joomla! Apprentice
- Posts: 9
- Joined: Tue Aug 20, 2013 11:23 pm
Chronoforms website Hacked
Does anyone know how to get the status of the fix for Chronoforms? Their site (Chronoengine.com) has been blacklisted for a few days (according to Norton - says "malicious Javascript", Sucuri, etc.) I have been successfully using Chronoforms for a few years, and would hope this would get fixed.
Can't find any info on Facebook or Joomla! Extensions Directory page.
Any suggestions?
Can't find any info on Facebook or Joomla! Extensions Directory page.
Any suggestions?
Last edited by mandville on Wed Jun 08, 2016 8:11 pm, edited 2 times in total.
Reason: retitled to be more descriptive
Reason: retitled to be more descriptive
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: Chronoforms Hacked
I have noticed this too. Although the website is (from what I have observed) "safe", it is only when you try to access topics in the forum that the browser throws a "Reported Attack Page!" message in your face. It may also depend on which browser one uses, too. In my case, I see the message in Firefox but not in Google Chrome, Internet Explorer or Safari. So it might be a "false positive" and not a genuine problem.
As far as obtaining the status of the development of Chronoforums is concerned, development of this product seems to have ceased or the developer has abandoned it. [ redacted ]
Cheers
As far as obtaining the status of the development of Chronoforums is concerned, development of this product seems to have ceased or the developer has abandoned it. [ redacted ]
Cheers
Last edited by toivo on Mon Jun 06, 2016 5:40 pm, edited 1 time in total.
Reason: mod note: redacted self promoting link
Reason: mod note: redacted self promoting link
- anibal_sanchez
- Joomla! Explorer
- Posts: 487
- Joined: Sat Mar 17, 2012 3:01 pm
- Location: Oviedo, Asturias, Spain
- Contact:
Re: Chronoforms Hacked
@anibal_sanchez - Former JED Team Leader.
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
-
- Joomla! Apprentice
- Posts: 9
- Joined: Tue Aug 20, 2013 11:23 pm
Re: Chronoforms Hacked
How can I tell if development has ceased on an extension?
What criteria is used to determine an extensions is vulnerable? Guess I'll try reporting this one...
Norton SafeWeb says chronoengine.com is unsafe:
https://safeweb.norton.com/report/show? ... engine.com
And Google Safe Web agrees:
https://www.google.com/transparencyrepo ... engine.com
Also, until I turned the registration form (made with Chronoforms) off, confirmation emails had mostly stopped. But the records did get written to the database...
I don't think this is false positive - Google specifically lists some malicious looking redirects; yet they don't block the site - only Norton does? I don't get it.. Maybe they only block the specific pages, not the entire site.
What criteria is used to determine an extensions is vulnerable? Guess I'll try reporting this one...
Norton SafeWeb says chronoengine.com is unsafe:
https://safeweb.norton.com/report/show? ... engine.com
And Google Safe Web agrees:
https://www.google.com/transparencyrepo ... engine.com
Also, until I turned the registration form (made with Chronoforms) off, confirmation emails had mostly stopped. But the records did get written to the database...
I don't think this is false positive - Google specifically lists some malicious looking redirects; yet they don't block the site - only Norton does? I don't get it.. Maybe they only block the specific pages, not the entire site.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
We do not know if Chronoforms has been hacked or is vulnerable ...
I do not know anything about Chronoforms, sorry; I can only speak about the development and use of Chronoforums. Even though—in my earlier reply to you— Toivo considered a link to my blog specifically about Chronoforums was "self-promoting" (and I won't argue whether or not it's appropriate to refer to one's experiences with certain products on this forum), I cannot comment otherwise on the development status of Chronoforms, sorry.
As far as I am aware, Chronoforms is not vulnerable as a Joomla extension. There are issues with parts of the developer's website, yes. Have you notified the developers at chronoengine.com and asked if they are aware of problems with their website?
As far as I am aware, Chronoforms is not vulnerable as a Joomla extension. There are issues with parts of the developer's website, yes. Have you notified the developers at chronoengine.com and asked if they are aware of problems with their website?
I think that's something that the developers would be better able to respond to.jerseygirl wrote:Also, until I turned the registration form (made with Chronoforms) off, confirmation emails had mostly stopped. But the records did get written to the database...
- bgrinter
- Joomla! Apprentice
- Posts: 38
- Joined: Wed Jan 03, 2007 2:06 pm
- Location: Sydney
Re: Chronoforms Hacked
I notice Chronoforms has turned up on the VEL list and Google now advised the following
https://www.google.com/transparencyrepo ... engine.com
It looks like its their forums that have been compromised, I don't think its been abandoned as there appear to be recent announcement posts (I'm not going to click through for now...)
I'll check back on their site in a couple of days
Be a pity if it is abandoned - makes for a great contact form app.
Regards,
Brian
https://www.google.com/transparencyrepo ... engine.com
It looks like its their forums that have been compromised, I don't think its been abandoned as there appear to be recent announcement posts (I'm not going to click through for now...)
I'll check back on their site in a couple of days
Be a pity if it is abandoned - makes for a great contact form app.
Regards,
Brian
Brian
- fcoulter
- Joomla! Ace
- Posts: 1685
- Joined: Thu Sep 13, 2007 11:39 am
- Location: UK
- Contact:
Re: Chronoforms Hacked
Chronoforms has been listed on the VEL on the grounds that the developer's site is infected with malware, so it is unclear whether anything downloaded from the site is safe. We are attempting to contact the developer to establish the status of the extension.
We are not aware of any recent reports regarding vulnerabilities in Chronoforms itself, but that does not mean that there are not any, simply that, if there are, they are not public knowledge. However it is possible that the extension itself remains safe to use for now, but with caution.
What I would suggest is that, if you are using Chronoforms, you monitor your site logs for attempts at an attack through the extension. If you do uncover something that looks like a new attack then the VEL would be interested to hear from you.
We are not aware of any recent reports regarding vulnerabilities in Chronoforms itself, but that does not mean that there are not any, simply that, if there are, they are not public knowledge. However it is possible that the extension itself remains safe to use for now, but with caution.
What I would suggest is that, if you are using Chronoforms, you monitor your site logs for attempts at an attack through the extension. If you do uncover something that looks like a new attack then the VEL would be interested to hear from you.
- anibal_sanchez
- Joomla! Explorer
- Posts: 487
- Joined: Sat Mar 17, 2012 3:01 pm
- Location: Oviedo, Asturias, Spain
- Contact:
Re: Chronoforms Hacked
Hi,
Chronoforms has been unpublished from JED (until VEL status is cleared).
Regards,
Chronoforms has been unpublished from JED (until VEL status is cleared).
Regards,
@anibal_sanchez - Former JED Team Leader.
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Chronoforms Hacked
i understand this was due to the linking of the extension from jed to an (multiple reported) infected site not the vel listinganibal_sanchez wrote:Hi,
Chronoforms has been unpublished from JED
,
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- anibal_sanchez
- Joomla! Explorer
- Posts: 487
- Joined: Sat Mar 17, 2012 3:01 pm
- Location: Oviedo, Asturias, Spain
- Contact:
Re: Chronoforms Hacked
Yes, you are right. JED cannot redirect unwarned users to an infected site.
Regards,
Regards,
@anibal_sanchez - Former JED Team Leader.
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
-
- Joomla! Apprentice
- Posts: 9
- Joined: Tue Aug 20, 2013 11:23 pm
Re: Chronoforms Hacked
I downloaded Chronoforms a few months ago, long before this hacking incident (apparently - I guess you don't always know immediately when something happens...). As Fiona suggested, I checked my webhost error log and found this in the component/chronoforms error log - is it a routine PHP warning (and not evidence of an attempted hack)?
[27-May-2016 22:05:53 America/Denver] PHP Warning: PHP Startup: imagick: Unable to initialize module Module compiled with module API=20100525 PHP compiled with module API=20131226 These options need to match in Unknown on line 0
[27-May-2016 22:05:53 America/Denver] PHP Warning: PHP Startup: uploadprogress: Unable to initialize module Module compiled with module API=20100525 PHP compiled with module API=20131226 These options need to match in Unknown on line 0
Also, it looks like Max or someone is trying to fix it... I found this in a Google search but was afraid to click on it for the rest of the detail, since the forum pages on the Chronoengine.com site are supposed to be what was hacked:
chronoform website malware alert on google chrome - ChronoEngine.com
https://www.chronoengine.com/forums/pos ... 59928.html
May 31, 2016 - 9 posts
Yes, the site has been hacked, I have cleaned it twice now and, at the ... to the following dangerous websites: radiosvyazservis.myjino.ru.".
I hope they succeed - I have used this extension for many years and always found the support from Max and Bob to be great.
[27-May-2016 22:05:53 America/Denver] PHP Warning: PHP Startup: imagick: Unable to initialize module Module compiled with module API=20100525 PHP compiled with module API=20131226 These options need to match in Unknown on line 0
[27-May-2016 22:05:53 America/Denver] PHP Warning: PHP Startup: uploadprogress: Unable to initialize module Module compiled with module API=20100525 PHP compiled with module API=20131226 These options need to match in Unknown on line 0
Also, it looks like Max or someone is trying to fix it... I found this in a Google search but was afraid to click on it for the rest of the detail, since the forum pages on the Chronoengine.com site are supposed to be what was hacked:
chronoform website malware alert on google chrome - ChronoEngine.com
https://www.chronoengine.com/forums/pos ... 59928.html
May 31, 2016 - 9 posts
Yes, the site has been hacked, I have cleaned it twice now and, at the ... to the following dangerous websites: radiosvyazservis.myjino.ru.".
I hope they succeed - I have used this extension for many years and always found the support from Max and Bob to be great.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: "Chronoforms Hacked" ... and its consequences
@jerseygirl: It's unfortunate that there are victims and consequences as a result of "something" that's infected the forum—and only the forum, from what I can tell—at chronoengine.com. As far as we know, there's nothing specifically wrong or vulnerable with any of the following products:
The further consequences of this discussion are that one of the abovementioned products has been de-listed from the JED. I understand the reasoning for doing it even though I think that it may have been the preremptory exercise of "justice". C'est la vie—it's a warning to all contributors to the JED: if a developer's support site finds its way into one of x blacklists in the world, developers can expect summary de-listing of their products from the JED.
Good luck with getting your problems with Chronoforms fixed but I suspect Bob and Max have their hands pretty full at the moment.
- Chronoforms;
- Chronoforums;
- ChronoConnectivity; or
- ChronoContact
The further consequences of this discussion are that one of the abovementioned products has been de-listed from the JED. I understand the reasoning for doing it even though I think that it may have been the preremptory exercise of "justice". C'est la vie—it's a warning to all contributors to the JED: if a developer's support site finds its way into one of x blacklists in the world, developers can expect summary de-listing of their products from the JED.
It's evidence of a [minor] software issue with Chronoforms but not evidence of any attempted malfeasance.jerseygirl wrote:I checked my webhost error log and found this in the component/chronoforms error log - is it a routine PHP warning (and not evidence of an attempted hack)?
Good luck with getting your problems with Chronoforms fixed but I suspect Bob and Max have their hands pretty full at the moment.
- fcoulter
- Joomla! Ace
- Posts: 1685
- Joined: Thu Sep 13, 2007 11:39 am
- Location: UK
- Contact:
Re: Chronoforms website Hacked
Yes these are just minor issues, PHP will always output a few of these, nothing to do with a hack.[27-May-2016 22:05:53 America/Denver] PHP Warning: PHP Startup: imagick: Unable to initialize module Module compiled with module API=20100525 PHP compiled with module API=20131226 These options need to match in Unknown on line 0
[27-May-2016 22:05:53 America/Denver] PHP Warning: PHP Startup: uploadprogress: Unable to initialize module Module compiled with module API=20100525 PHP compiled with module API=20131226 These options need to match in Unknown on line 0
I am not part of the JED team, but I know that they would never take the decision to unpublish an extension lightly. It is not a 'preremptory exercise of "justice"', but simply down to the fact that ethically the JED cannot redirect users to an infected site. And let's be clear, the site did not just find its way onto some random blacklist, the developers themselves have stated that the site was infected, so I cannot understand why anyone would want to dispute the JED decision.
As I have said, the VEL know of no recent reports of vulnerabilities in Chronoforms. Of course it is not possible to 100% guarantee that it is safe, but the same is true of any software. What it does mean is that there is no need to panic if your site uses this extension. Just apply some common sense and keep an eye on your logs, make regular backups, ie do the stuff you really should be doing anyway.
As I mentioned, I have been trying to contact the developers to get some clarification of the situation but so far have had no response.
- anibal_sanchez
- Joomla! Explorer
- Posts: 487
- Joined: Sat Mar 17, 2012 3:01 pm
- Location: Oviedo, Asturias, Spain
- Contact:
Re: Chronoforms website Hacked
Hi,
In addition to avoid redirecting unwarned users to an infected site, if the site remains compromised, we cannot be 100% sure of the hacking intentions or how extensive the modification has been.
If a software distribution channel is compromised, the package itself could also be tampered to further distribute the malicious code.
For instance, when you download a software package, you can check MD5 or SHA1 signatures, published in the author site, to verify changes in the middle. However, if the site is compromised, then signatures could also be modified.
At the end, there is no way to know and it is better to avoid it until the site and extension are restored.
Regards,
In addition to avoid redirecting unwarned users to an infected site, if the site remains compromised, we cannot be 100% sure of the hacking intentions or how extensive the modification has been.
If a software distribution channel is compromised, the package itself could also be tampered to further distribute the malicious code.
For instance, when you download a software package, you can check MD5 or SHA1 signatures, published in the author site, to verify changes in the middle. However, if the site is compromised, then signatures could also be modified.
At the end, there is no way to know and it is better to avoid it until the site and extension are restored.
Regards,
@anibal_sanchez - Former JED Team Leader.
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
Prefix PHP Libraries & Projects: https://php-prefixer.com
My Extensions: https://extly.com
-
- Joomla! Apprentice
- Posts: 9
- Joined: Tue Aug 20, 2013 11:23 pm
Re: Chronoforms website Hacked
I apologize for not being more careful when selecting a topic name at the beginning of this thread... thanks to moderator for correcting it. I have no evidence of any malware or redirects in the chronoforms file that I downloaded a few months ago.
Wish I had the expertise to help get the Chronoengine.com site back up and running, but alas, I do not.
Wish I had the expertise to help get the Chronoengine.com site back up and running, but alas, I do not.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: Chronoforms website Hacked
... and, I would add, a selective application of the rule of law in this case. Chronoforms is only one out of four extensions listed on the JED that are downloadable from an allegedly infected website.anibal_sanchez wrote:At the end, there is no way to know and it is better to avoid it until the site and extension are restored.
Unfortunately that's ancient history now when topics, such as yours appear, in the Joomla! Official Sites & Infrastructure » Extensions.Joomla.org - Feedback/Information category—with subject wordings that inspire FUD—the JED team is swift to intervene even if there's only the hint of a suggestion that something is amiss in an extension's listing. The problem for extension developers whose products are summarily de-listed from the JED is that it often takes weeks for their products to be re-listed and to rebuild their damaged reputations because of experiences over which they had no control.jerseygirl wrote:I apologize for not being more careful when selecting a topic name at the beginning of this thread... thanks to moderator for correcting it. I have no evidence of any malware or redirects in the chronoforms file that I downloaded a few months ago.
I'm not arguing with the experts here; I'm merely a diarist who's casually observing a minor train-wreck unfolding. Even though I haven't personally used Chronoforms myself (and I have my own opinions about the responsiveness of those who operate their forum), in a way I'm on the developer's side here as to who is ultimately the victim.
- fcoulter
- Joomla! Ace
- Posts: 1685
- Joined: Thu Sep 13, 2007 11:39 am
- Location: UK
- Contact:
Re: Chronoforms website Hacked
I think your assumption that the JED and presumably others such as myself are not on the developer's side is objectionable. Many of the JED team are developers themselves, as am I. I know from personal experience what it is like to have your site hacked (thankfully not recently): it sucks like a great big sucky thing.in a way I'm on the developer's side here as to who is ultimately the victim.
But that is part of the life of being a developer, sometimes bad things like that happen, you have to deal with the consequences, and not blame the JED or the VEL for them, or the users who report it for that matter. Which, to be fair, the developers of Chronoforms don't appear to be doing, it just seems that some others are determined to do so on their behalf.
As far as I am concerned, we are all on the developer's side. I would like nothing better than to see this resolved quickly.
- Vimes
- Joomla! Ace
- Posts: 1675
- Joined: Fri Aug 19, 2005 12:14 am
- Location: United Kingdom
- Contact:
Re: Chronoforms website Hacked
Agreed, and it's why the site should be unpublished until the whole problem is resolved.anibal_sanchez wrote: If a software distribution channel is compromised, the package itself could also be tampered to further distribute the malicious code.
http://www.jomres.net THE online hotel booking and reservation system for Joomla and Wordpress.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
The illusion of facts not in evidence
@fcoulter: I totally agree with everything you wrote. I fully agree with one's raising objections against people who allege blame on the JED or the VEL teams. The only problem I have with your response was that I made no such allegations; I hadn't made the assumptions that I suspect I'm being accused of. I was expressing my feelings and, in spite of my several handicaps—the fact I'm a product of genetics and we blokes have difficulty expressing our feelings—I'm actually a reasonably sensitive guy ... even if I lack the requisite diplomacy in how I choose to write.
It's good to see we're all on the developer's side.
It's good to see we're all on the developer's side.
-
- Joomla! Apprentice
- Posts: 25
- Joined: Mon Jan 23, 2012 11:18 am
Re: Chronoforms website Hacked
Is there anyone have tcpdf.zip actions file for chronoforms v5? because in chronoforms site is infected?? Thank you.
-
- Joomla! Apprentice
- Posts: 7
- Joined: Sat May 16, 2015 12:11 pm
Re: Chronoforms website Hacked
I have the file, but since the update I've not been able to edit the actions.
Let me have your email and I can send it this afternoon, may just be me.
Let me have your email and I can send it this afternoon, may just be me.
- bgrinter
- Joomla! Apprentice
- Posts: 38
- Joined: Wed Jan 03, 2007 2:06 pm
- Location: Sydney
Re: Chronoforms website Hacked
I emailed the developer via the contacts page on the site and got a reply straight away - the forums on the site were hacked by since cleaned up, they're still trying to get removed from the Google vulnerabilities page
Brian
-
- Joomla! Apprentice
- Posts: 9
- Joined: Sat May 26, 2007 1:32 pm
Re: Chronoforms website Hacked
An update,
The site was hacked - through a sub-domain as far as I can tell. It was cleaned up within a couple of days.
Max, the owner and developer, has been travelling and unable to access the site fully and I only have limited access. With some help I have been able to get both Google and, more recently, Norton to re-check the site. Google gave it an 'all-clear' this morning. I've requested an update on VEL and re-publishing in JED.
The hack took the form of injections in the template index.php files - all my checks on the downloads have been clean.
@haralake : I've sent you a PM with a link to the TCPDF action
The site was hacked - through a sub-domain as far as I can tell. It was cleaned up within a couple of days.
Max, the owner and developer, has been travelling and unable to access the site fully and I only have limited access. With some help I have been able to get both Google and, more recently, Norton to re-check the site. Google gave it an 'all-clear' this morning. I've requested an update on VEL and re-publishing in JED.
The hack took the form of injections in the template index.php files - all my checks on the downloads have been clean.
@haralake : I've sent you a PM with a link to the TCPDF action
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: Chronoforms website Hacked
@GreyHead: congratulations and best wishes for the future.
I see that Chronoforms is back again on the JED. Well done! Many of us developers have to wait weeks (sometimes months) before our job tickets receive a reply.GreyHead wrote:I've requested an update on VEL and re-publishing in JED.
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Chronoforms website Hacked
due to totally unusual nature of the reason why this extension was "suspended" from the JED. then the usual process was not in place.
the fact it was linking to a hotlisted website , the vel team investigated and advised the JED who suspended the site from the JED to prevent users visiting it. . The developer and his team were advised and fully aware and agreed with the reasons.
When the site came back clean (today) then the JED were advised and the listing un suspended.
As said before , this was not a normal case of a vulnerable extension, the JED team when informed of the clean report who decided and where and how to republish the extension. Please don't confuse this with a case of any other type of extension issues.
the VEL team will always work to protect the end user and often work with the developer (in this case Bob & Max) to resolve issues.
the fact it was linking to a hotlisted website , the vel team investigated and advised the JED who suspended the site from the JED to prevent users visiting it. . The developer and his team were advised and fully aware and agreed with the reasons.
When the site came back clean (today) then the JED were advised and the listing un suspended.
As said before , this was not a normal case of a vulnerable extension, the JED team when informed of the clean report who decided and where and how to republish the extension. Please don't confuse this with a case of any other type of extension issues.
the VEL team will always work to protect the end user and often work with the developer (in this case Bob & Max) to resolve issues.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Apprentice
- Posts: 5
- Joined: Thu Mar 26, 2015 10:37 pm
Re: Chronoforms website Hacked
@GreyHead REALLY glad to see this post! I'm a big fan of ChronoForms, I've been waiting with bated breath ever since seeing the blacklist notices.... So glad to see you've gotten it taken care of!
-
- Joomla! Fledgling
- Posts: 2
- Joined: Mon Jul 04, 2016 8:52 pm
Re: Chronoforms website Hacked
Hi,
Today I started getting this warning on chronoengine.com:
This web page contains potentially dangerous content.
Threat: JS/TrojanDownloader.FakejQuery.A trojan
Access to it has been blocked. Your computer is safe.
The offending code looks to be in the main template. You can see the call here (this is a source code viewing tool) http://www.iwebtool.com/code_viewer?dom ... engine.com @ line 96 - the line starts with a script tag, a timeout, and a call to jquery.min.php on a co.th domain.
You may want to again warn users visiting this site (or remove from the index).
Please pass this onto the developer.
Today I started getting this warning on chronoengine.com:
This web page contains potentially dangerous content.
Threat: JS/TrojanDownloader.FakejQuery.A trojan
Access to it has been blocked. Your computer is safe.
The offending code looks to be in the main template. You can see the call here (this is a source code viewing tool) http://www.iwebtool.com/code_viewer?dom ... engine.com @ line 96 - the line starts with a script tag, a timeout, and a call to jquery.min.php on a co.th domain.
You may want to again warn users visiting this site (or remove from the index).
Please pass this onto the developer.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: Chronoforms website Hacked
I think it would probably be better to contact the developers yourself. They have a forum and I am sure they will be interested in what you have discovered.jgsaw wrote:You may want to again warn users visiting this site (or remove from the index).
-
- Joomla! Fledgling
- Posts: 2
- Joined: Mon Jul 04, 2016 8:52 pm
Re: Chronoforms website Hacked
I would love to, except that their entire site is compromised - including their forums and contact us page.sozzled wrote:I think it would probably be better to contact the developers yourself.
I also can't find an email address for them nor can I PM anyone on here (such as GreyHead above) because my joomla forum account is too new.
If you have a contact for them I would gladly do so.
-
- I've been banned!
- Posts: 13639
- Joined: Sun Jul 05, 2009 3:30 am
- Location: Canberra, Australia
Re: Chronoforms website Hacked
Although I am sure you have some evidence that the Chronoengine site may be compromised (indeed, I had a quick look myself and discovered a hidden link to "buy Am*** online legally"—not that I'm interested), I don't have the kind of information that you have.
I ran site checks through Sucuri, Google and Norton and none of these report any issues.
I don't personally have any interest in Chronoengine products these days. I just don't like seeing any developer's product(s) being discussed in another forum without giving them the benefit of their right of reply. Thank you for your concerns nevertheless.
I ran site checks through Sucuri, Google and Norton and none of these report any issues.
I don't personally have any interest in Chronoengine products these days. I just don't like seeing any developer's product(s) being discussed in another forum without giving them the benefit of their right of reply. Thank you for your concerns nevertheless.