You can tell if someone’s profile is infected if their profile says ‘I support Critics United’ or ‘I do not have common sense’. The infection also attempts to change the user’s email to an email called ‘actorzero’. (saying this via ask so that if you answer it’ll be more visible to readers than clicking on your notes). It seems PMs are fine as long as you use a direct PM link rather than going through their profile. Stay safe!
Thanks for replying! I poked around on FB and some forums earlier and found a bit of additional info to add to the above. Apparently this whole mess has been caused by a javascript exploit, and it can spread to your profile AND hijack your profile if you’re not careful.
What To Do If You’re Infected/How To Prevent Infection:
Do not view any other user’s profile while logged in! If you are tech saavy and know how to disable javascript or prevent it from executing, that should work as prevention. It’s also a good idea to delete your cookies.
Check your profile’s raw bio text for any lines of code. If you find anything wrong, delete it all just to be on the safe side.
CHECK YOUR BACKUP EMAILS IN YOUR ACCOUNT SETTINGS. If you see an address that shouldn’t be there, delete it and change your password immediately! The exploit adds a new email address to your list of backup emails; using this, the hackers can take control of your account.
The script now triggers on hover, a.k.a. mousing over an infected profile will spread the infection.
You can PROTECT YOURSELF WITH A SCRIPTBLOCKER EXTENSION such as YesScript (allows all by default)
or NoScript (blocks all by default)
FictionPress staff have not responded or made any public announcements, but it’s possible they may solve the problem by rolling back the website to a previous version. If so, the more recent stories may be lost. Just in case, back up your stories, reviews and favourites (especially those published in the past year)
tl;dr: If you use fanfiction.net, INSTALL A SCRIPTBLOCKER. Back up your stories and your favourites asap.
Nava 