Stolen Fanfiction Alert/malware/compromised accounts at FFnet


Recommended Posts

Fanfiction Net has been hit already and other sites may also be targeted by these same people.There is a good chance that other sites like this one are going to be targeted. Wild Rhov is one of the people who are alerting everyone who has accounts on Fanfiction net, and so I am going to share her tumbler post because it has information on how to fight back by complaining to google,with the information on how best to combat this horrible group of fake sites that are full of malware and such also. Please read her original post and safeguard yourselves if you have a fanfiction net account.

Here is part of Rhov's original tumbler post so people get an idea of what is going on here so they can safeguard their own computers and accounts if you have a account that has been stolen from and could compromise the security of your own computers..

All of your stories, your profile, everything has been stolen and copied onto the following websites. (WARNING, these sites have malicious ads that carry malware! Use an adblocker!)

They are making profit off your stories with advertisements. This is called spamdexing. Please report them. Theft of this hefty magnitude, literally millions of stories, should not go unpunished.

Also, do not attempt to log in to any site that looks like but is not. In theory, they could steal your email and password!

  1. Go here:
  2. Put in the name of the website (one report each)
  3. Write in additional details: This is a spamdexing mirror site to and has stolen my profiles and intellectual property.
  4. Click “I am not a robot” and then “Report webspam”
  5. Report more by clicking the link on: Go back to the webspam report form.

Writers and fanfic readers should report these websites that profit off our hard work. Stop plagiarism and art theft!


People have been warning me that these sites contain malware. Since I use an adblocker and run Linux, I was not aware of this. (Bonus for Linux, eh?)

PLEASE BE CAREFUL WITH THOSE SITES. Only visit them if you have an adblocker on your computer. This is utterly malicious and must be stopped.

People have suggested issuing a DMCA to Perhaps they will act if we all do that.

Link to comment
Share on other sites

From basic proding it seems that any fiction site running fiction press as it's core is vulnerable which includes, Custom coded archives do not seem to have been touched by this since their code base is not public. Still good to know about it though I am not worried about that happening to this archive since security is a big part of how the new code operates, has been for years now.

Link to comment
Share on other sites

Although that's about WordPress based sites, much of it does apply. I do regularly scan the site with Sucuri's free site check, and we stay clean. I changed the adserving software due to vulnerabilities in the old software, which subjected this site to malicious code injection via the java for displaying the banners. That was a crazy three or so weeks while I tracked it down and figured out why, and then had to clean the site a few times while still using the old adserver software. We haven't had that issue since I changed the software.

This also brings up exactly WHY file uploads are limited to text files. One can insert all kinds of malicious code in macros. That's why we don't allow upload of .doc/.docx, .ods, or anything LIKE that, because of the security risk entailed with what can be inserted via a macro in a document.

Link to comment
Share on other sites

Good to know. I'm glad this site isn't easy to hack. Read the article and it made me realize how lazy many sites must be to allow their selves to get hijacked all the time.

Link to comment
Share on other sites

Not so much lazy, as not knowledgeable. WordPress can be installed on any server. If you don't keep it updated, just like anything else, it becomes vulnerable. Particularly where it relies on old java script that has known vulnerabilities. There is GOOD java too. MOST of it is good, solid code. But, some java code doesn't get updated when other things do, and this is what causes the vulnerability with it.

Link to comment
Share on other sites

  • 3 weeks later...
  • 1 month later...

Thanks for all the info you shared, DG. And All the authors for Fanfic net including myself were on the malware mirrors, Mistress Pen. Not sure how the hack sent us all to other sites, I'm simply relieved that all the mirrors were killed off so that people are not getting their computers infected any longer. : )

Link to comment
Share on other sites

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.