Further Explanation for Those Interested...
Glad to see MacRumors back online.
One of my good friends and fellow MacRumors members sent me an e-mail explaining his experience with regards to this incident.
Basically, it started with a message from MacRumors stating that he had received a private message. After logging in, it was indicated that the member had turned off private messaging, however there was a text link in the notification e-mail.
The link redirected him to a site called "clipwizards", claiming to be a porn site.
It then, via javascript, forced the download of an "Active X component" by looping until he pressed OK.
After clicking OK, a file called
1023.dmg was downloaded to his desktop.
Curious, since there's no such thing as ActiveX for the Mac.
A Google search for "1023.dmg" leads to
this page, which pretty much explains everything. It appears to be a massive organized Eastern European crime ring that has access to nearly every machine hosted by the ISP "iPowerWeb". They don't do MR's hosting though, do they?
As for the 1023.dmg file, it contains the app that made the news a couple months ago - the
Mac trojan that asks a user to enter their username and password on which then modifies the Mac's DNS servers, etc. etc.
Anyway, there ya go...