The web site has had the malicious JavaScript removed, and has been
re-enabled.
We believe the issue was caused by the FTP credentials (username and
password) being stolen by a trojan program on a Microsoft Windows
machine, and used to modify files on the site.
The trojan is believed to infect PCs by exploiting known weaknesses in
various pieces of Adobe software, and other known vulnerabilities in
software.
The Trojan may be able to disable some antivirus tools.
If you have visited the Exeter Chess club website since May 13th 23:52
BST, or any of the other thousands of infected websites since March (i.e.
probably everyone reading this email), you should check the following:
1) Your PC's antivirus software is up to date, specifically that it is
updating correctly.
2) The software installed, including Adobe Flash Player, is up to date.
The online scanning tool at Secunia may be useful here.
http://secunia.com/vulnerability_scanning/online/
One can further reduce one's exposure to this type of attack by:
a) using tools like the Firefox browser plug-in "NoScript".
"NoScript" prevents the browser running JavaScript from untrusted sites,
but it does require some "know how" to get the most from it.
http://www.mozilla-europe.org/en/firefox/
http://noscript.net/
b) ensuring your browser is checking against lists of known bad sites.
In Firefox this is done under "Edit > Preferences > Security" by enabling
"Tell me if the site I'm visiting is a suspected attack site."
"Tell me if the site I'm visiting is a suspected forgery."
Whilst this isn't an ideal solution, it doesn't require any "know-how".
For Internet Explorer you need to ensure "Phishing Filter" is active in
IE7, or "SmartScreen" in IE8. I think up-to-date PCs will have IE8, and
SmartScreen should be active by default.
c) keeping all software up to date, thus avoiding known weaknesses.
We'll endeavour to do better with keeping the website secure.
Apologies for the inconvenience.
Simon