Guest Supreme Allah

Hundreds of Thousands of Websites Hacked and Booby-trapped

35 posts in this topic

booby-trapped? boobie?

so yea, step your firewall game up, the system tool virus i got twice aint no joke

Hundreds of thousands of websites appear to have been compromised by a massive cyber attack.

The hi-tech criminals used a well-known attack vector that exploits security loopholes on other sites to insert a link to their website.

Those visiting the criminals' webpage were told that their machines were infected with many different viruses.

Swift action by security researchers has managed to get the sites offering the sham software shut down.

Code control

Security firm Websense has been tracking the attack since it started on 29 March. The initial count of compromised sites was 28,000 sites but this has grown to encompass many times this number as the attack has rolled on.

Websense dubbed it the Lizamoon attack because that was the name of the first domain to which victims were re-directed. The fake software is called the Windows Stability Center.

The re-directions were carried out by what is known as an SQL injection attack. This succeeded because many servers keeping websites running do not filter the text being sent to them by web applications.

By formatting the text correctly it is possible to conceal instructions in it that are then injected into the databases these servers are running. In this case the injection meant a particular domain appeared as a re-direction link on webpages served up to visitors.

Early reports suggested that the attackers were hitting sites using Microsoft SQL Server 2003 and 2005 and it is thought that weaknesses in associated web application software are proving vulnerable.

Ongoing analysis of the attack reveals that the attackers managed to inject code to display links to 21 separate domains. The exact number of sites hit by the attack is hard to judge but a Google search for the attackers' domains shows more than three million weblinks are displaying them.

Security experts say it is the most successful SQL injection attack ever seen.

Generally, the sites being hit are small businesses, community groups, sports teams and many other mid-tier organisations.

Currently the re-directs are not working because the sites peddling the bogus software have been shut down.

Also hit were some web links connected with Apple's iTunes service. However, wrote Websense security researcher Patrick Runald on the firm's blog, this did not mean people were being redirected to the bogus software sites.

"The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer," he wrote.

http://www.bbc.co.uk/news/technology-12933053

vid on there

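Added example, not part of the original post or the quoted BBC article: the two defences the article touches on (treating submitted text as data rather than SQL, and encoding script tags on output as iTunes did), plus a sweep of stored text for script tags that load from hosts the site does not use. The table layout, allowlist host and sample titles are constructed assumptions.

```python
import html
import re
import sqlite3

# Assumption: hosts this site legitimately loads scripts from.
ALLOWED_SCRIPT_HOSTS = {"static.example.org"}
SCRIPT_SRC = re.compile(
    r"<script[^>]*\bsrc\s*=\s*[\"']?(?:https?:)?//([^/\"'\s>]+)", re.I)

# Constructed sample input; rows 2 and 3 are hostile submissions.
SAMPLE_TITLES = [
    "Club fixtures",
    "Results</title><script src=http://injected.example/x.js></script>",
    "O'Brien'); DROP TABLE pages;--",
    'Gallery <script src="//static.example.org/gallery.js"></script>',
]

def save_title(db, title):
    # Parameterised query: the driver sends `title` as a value, so quotes or
    # semicolons inside it can never become part of the SQL statement.
    db.execute("INSERT INTO pages (title) VALUES (?)", (title,))

def build_sample_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    for title in SAMPLE_TITLES:
        save_title(db, title)
    return db

def render_title(title):
    # Output encoding: "<script" becomes "&lt;script", so a tag that did reach
    # the database is displayed as text instead of being executed.
    return "<h1>" + html.escape(title) + "</h1>"

def find_injected_rows(db):
    # Report (row id, host) for stored script tags that point off the allowlist.
    hits = []
    for row_id, title in db.execute("SELECT id, title FROM pages ORDER BY id"):
        for host in SCRIPT_SRC.findall(title or ""):
            if host.lower() not in ALLOWED_SCRIPT_HOSTS:
                hits.append((row_id, host.lower()))
    return hits

if __name__ == "__main__":
    db = build_sample_db()
    print(find_injected_rows(db))
    print(render_title(SAMPLE_TITLES[1]))
```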

I'm sure I have picked up one of the viruses, if any one can help me get rid, pm me please.

what free antivirus stuff do ppl have?

when you download random sh*t from google searches you get f*cked

stick to key websites

^^ c/s

this will be part of future warfare

knock a country offline and they are f*ckED

come a long way since bombing factories...

is that like that 'antivirus' virus that locked all your sh*t till you bought their software?

is that like that 'antivirus' virus that locked all your sh*t till you bought their software?

the system tool one doesnt ask you to download, ull visit a site then get a warning pretending to be an anti virus and wont let u open up anything else until your in safe mode.

this one seems to look like you may get a prompt, but the guy also said it works in the background.

first and foremost, dont visit fucd.com thats where i got it from twice

the guy also sayin u need a legit anti virus, i dont know if the downloaded ones have viruses on them or whatever, but mine seems to be alright atm

i remember going to one site

and they tried to download something onto my lappy

IDM saved me though because whenever a download takes place it asks you to start download or cancel.

this came up bare times.

got shook for a bit

is that like that 'antivirus' virus that locked all your sh*t till you bought their software?

the system tool one doesnt ask you to download, ull visit a site then get a warning pretending to be an anti virus and wont let u open up anything else until your in safe mode.

this one seems to look like you may get a prompt, but the guy also said it works in the background.

first and foremost, dont visit fucd.com thats where i got it from twice

the guy also sayin u need a legit anti virus, i dont know if the downloaded ones have viruses on them or whatever, but mine seems to be alright atm

did it say which antiviruses can detect it or do you need some other kind of malware/spyware type thing?

i got norton but people say that norton can miss certain things

Kaspersky ftw

didnt mention one specifically, I have Kaspersky PURE, had K Internet Security before when i got the viruses, but that was prob my sh*t configuration

but now also, when im searching for stuff that may include sites with viruses i got a sandbox program called Returnil System Safe.

from wiki

In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users.

The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.

so if u download something that may have a trojan, run it sandboxed. I only got it recently so im not sure how effective it is.

theres another one called sandboxie

sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

anybody used these sandbox things for a long time?

can i run idm inside it and if i do what happens with that 'doesnt let programs change data thing?'

That system tool thing is a bastard

Was really easy to get rid of though

You know there's some f*ck*ng scumbags in Ukraine making like a hundred grand a week off that virus/scam

lol i had one the other day

wasnt ur usual one either

even when i booted up in safemode it was still there lol

also i couldnt find it in the boot programs list so i jus backed up sum stuff and reformatted

never had to do that b4 :(

Macs do get viruses, it's just Windows has almost 90% of the operating system market so obviously people write their viruses targeting them, or you just never hear about mac viruses..

Plus with mac's the viruses for windows may just be sitting there, until you do something like use a usb drive, then connect it to a windows machine which will then infect it.

This just looks like one of those pop ups that looks like Windows Security Center, or "Stability Center" and people end up installing it.

You could have the best anti-virus software in the world, means nothing, it's down to the user to be responsible with what they download/install.

All i use is microsoft security essentials now and it does the job perfect.

Ohhhh my god I have that vista home security fake virus sh*t.

I can't access anything... Nothing. WTF am I to do.

I've tried safe mode and delete things from processes in task manager but some of them won't allow it. Tried running regedit. No luck. Can't update my virus scan system.

Fml. Someone help???!

I don't even download any sh*t to my pc. I'm cautious/aware/smart about what sites I visit etc.

I'm backing up my music and work ASAP. I hope in a wAy this will lead to me buying a fresh new lappy. Cannot lose any data though.

Will the system restore work? I can't load Internet or malwarebytes, which Is what I use, in safe mode.

Im backing up stuff now. If I'm leaving my system running for the next couple of hours is the virus going to spread and do more damage? What should I be expecting?

Will the system restore work? I can't load Internet or malwarebytes, which Is what I use, in safe mode.

Im backing up stuff now. If I'm leaving my system running for the next couple of hours is the virus going to spread and do more damage? What should I be expecting?

it's really easy to get rid of

i don't think it f*cks with your files or anything, it just tries to get you to pay for a virus removal product

it's a money-making scam

If I've had viruses in the past I've always been able to deal with them with ease.

But now it's disabled most of my applications. For instance I can access control panel but nothing further. Im glad it won't f*ck with my files. Its annoying I have work to do right now. Going to take it to someone tomorrow, but will be lost without it for the rest of the week.

yea system restore works for me, just make sure you boot into safe mode with networking (press F* when you see the first boot image)

others have said malware bytes and spybot have worked installing in safe mode, but i just went straight for the system restore..

think another way i did it aswell was to boot, press F* then select repair, and when it comes up select system restore
