Just an early heads up that I think your website files might have been hacked overnight. When browsing to the front page this morning I was presented with a pop up informing me I had won a free iPhone and to click OK to go register for it. The browser URL had also changed with a randomly generated url after the Hearthpwn.com web address. It’s pretty typical of a base64 hack going round at the minute which inserts PHP into the header of your index files to include an encrypted code from an unsecured file in your site. It checks for cookies too, so it only shows the first time a user browses to your site (in my case I was browsing using Safari for the first time on a new iPad, hence me not having the cookie already). For regular users it probably won’t show, even though the code is still triggered.
It’s not a security issue for users of the site, but if left unchecked, you’ll end up hit by Google for spam generated urls in the search index.
Maybe pass this to your web design folks so they can check on it?
After fixing 3 websites 2 weeks ago all infected with the same hack, all running CMS systems similar to Hearthpwn’s, I’m pretty sure my issue isn’t because I need to simply run Adblock in my browser. These things happen. If it hasn’t yet, then all is good. If it has, then all will still be good.
It's not only you, I also had problems accessing Hearthpwn last night from my computer. I use Google DNS and I tried using other ones but I still coulnd't access, so I don't think the problem was the DNS. I tried Firefox and Chrome in order to discard a browser issue.
That was from my computer, I had no problems from my phone.
Just an early heads up that I think your website files might have been hacked overnight. When browsing to the front page this morning I was presented with a pop up informing me I had won a free iPhone and to click OK to go register for it. The browser URL had also changed with a randomly generated url after the Hearthpwn.com web address. It’s pretty typical of a base64 hack going round at the minute which inserts PHP into the header of your index files to include an encrypted code from an unsecured file in your site. It checks for cookies too, so it only shows the first time a user browses to your site (in my case I was browsing using Safari for the first time on a new iPad, hence me not having the cookie already). For regular users it probably won’t show, even though the code is still triggered.
It’s not a security issue for users of the site, but if left unchecked, you’ll end up hit by Google for spam generated urls in the search index.
Maybe pass this to your web design folks so they can check on it?
Thanks.
I don’t believe Hearthpwn is even PHP based, I would check my own backyard if I were you :)
Huh, I guess you found me. I admit, I hacked your site. Whatcha gonna do about it? The only thing that will make me stop is hearthstone packs, so if you want your website back, gift 5 packs to ibbinx#1475, or suffer my hacker ability.
Fluxflashor is willing to help u. You might wanna follow up on that cause sadly it seems to be something on your end. I never had those problems on this website
MediaWiki™ is the software which runs all of the communities on FANDOM.
Originally created for Wikipedia, MediaWiki is an open source PHP-based wiki engine now used to run thousands of sites. It is officially classified as a content management system.
You’re mistaken. Surely? You’re part of Fandom, and powered by Wikia. An open-source PHP CMS? Or is your footer wrong? ;)
We are part of Fandom, but were acquired, not coded ground up the same way. You are lacking lots of information it would seem and making wild guesses and connections you think should be there. Reply to Flux in PM if you want to get to the bottom of this, throwing around what you think is happening when you dont actually know will not help you resolve the issue ;-)
Hey Hearthpwn folks,
Just an early heads up that I think your website files might have been hacked overnight. When browsing to the front page this morning I was presented with a pop up informing me I had won a free iPhone and to click OK to go register for it. The browser URL had also changed with a randomly generated url after the Hearthpwn.com web address. It’s pretty typical of a base64 hack going round at the minute which inserts PHP into the header of your index files to include an encrypted code from an unsecured file in your site. It checks for cookies too, so it only shows the first time a user browses to your site (in my case I was browsing using Safari for the first time on a new iPad, hence me not having the cookie already). For regular users it probably won’t show, even though the code is still triggered.
It’s not a security issue for users of the site, but if left unchecked, you’ll end up hit by Google for spam generated urls in the search index.
Maybe pass this to your web design folks so they can check on it?
Thanks.
Sounds like your DNS is hijacked.
LUL just use adblock and no problemo, also, i think the problem is on your side
Mine isn’t. Everything’s secure at this end. 👌🏻
It's you. You aren't secure. You have Ad Malware. You will see ads you haven't seen before on most of the sites you visit not just here.
Thanks for that informative reply Pullaaa.
After fixing 3 websites 2 weeks ago all infected with the same hack, all running CMS systems similar to Hearthpwn’s, I’m pretty sure my issue isn’t because I need to simply run Adblock in my browser. These things happen. If it hasn’t yet, then all is good. If it has, then all will still be good.
It was just a head’s up...in case.
It's not only you, I also had problems accessing Hearthpwn last night from my computer. I use Google DNS and I tried using other ones but I still coulnd't access, so I don't think the problem was the DNS. I tried Firefox and Chrome in order to discard a browser issue.
That was from my computer, I had no problems from my phone.
I don't really know what could be the problem...
Almost certain this is malware on your end. If you want to PM me a direct url to where it takes you though, I can take a look at it.
We don't even use PHP on HearthPwn :P
OMEGALUL
I don’t believe Hearthpwn is even PHP based, I would check my own backyard if I were you :)
Huh, I guess you found me. I admit, I hacked your site. Whatcha gonna do about it? The only thing that will make me stop is hearthstone packs, so if you want your website back, gift 5 packs to ibbinx#1475, or suffer my hacker ability.
Fluxflashor is willing to help u. You might wanna follow up on that cause sadly it seems to be something on your end. I never had those problems on this website
You’re mistaken. Surely? You’re part of Fandom, and powered by Wikia. An open-source PHP CMS? Or is your footer wrong? ;)
P.S. I wrote my reply 13 minutes into the future according to my screen! It’s like the twilight zone around here 😳
http://community.wikia.com/wiki/Help:MediaWiki
MediaWiki™ is the software which runs all of the communities on FANDOM.
Originally created for Wikipedia, MediaWiki is an open source PHP-based wiki engine now used to run thousands of sites. It is officially classified as a content management system.
We are part of Fandom, but were acquired, not coded ground up the same way. You are lacking lots of information it would seem and making wild guesses and connections you think should be there. Reply to Flux in PM if you want to get to the bottom of this, throwing around what you think is happening when you dont actually know will not help you resolve the issue ;-)
- Click Here To Join Us On Discord! -