I was notified last night that there were hidden phishing links on our board.
After some investigation I did indeed find a number of phishing links disguised as legitimate links.
It appears the poster went back into existing topics and inserted the malware a long time after posting.
It took me a while to find all the links and I have deleted all of them.
The complexity of this situation has forced me to turn off the unlimited edit times and I have set the default back to 60 minutes.
Unfortunately some of the links were also in the buy & sell section and I am still analyzing some of the code to see what the intentions of the culprit was.
So therefore when you post in Buy & Sell the post is only editable for 1 hour. When the domain sells simply post sold and I will edit the title later to show the domain has sold.
I am sorry about this and will see how I can make some code changes moving forward, but it appears to me that having posts open to edit indefinitely is an invitation for trouble.
A while back there were a couple of other instances where someone edited out a number of their posts as well. With unlimited editing we run the risk of that happening again and this makes the topic worthless, especially if the first post is edited out a few months after it has been made.
Not sure what the solution is at the moment but I will try and figure it out.