Hey guys. You've probably noticed that we got pinged with a malware warning today. This is just a heads up that we have not deliberately put anything malicious on the website :p Here is the steps we took to attempt to remedy the situation:

  1. Had a quick look through the page source code to try to find any malicious form of JS.
  2. Looked at all outgoing HTTP when the page is initially requested to see if any malicious 3rd party scripts are being loaded.
  3. Checkout out the diagnostic page, had a quick look for some of those websites in plaintext in both the database and filesystem, found nothing.
  4. Scanned filesystem for any JS file modified in the last 30 days, found nothing.
  5. Scanned filesystem for any common JS obfuscation techniques (namely unescape() and fromCharCode() functions). Found nothing that looked worrysome.
  6. Disabled hooks.
  7. Set YUI to load from Google (in reply to this thread: https://www.vbulletin.com/forum/show...direct+exploit)

And I requested a review. Hopefully that should fix it.