After the 5th time of being attacked by a worm and prompted to download a weird file from www.countbest.net and www.bestcount.net, I noticed every link on those sites would redirect you to www.game4all.biz. I remember Lee saying that there were bots that would find vulnerabilities and spread worms. But if they were all coming from the same site, isn't there something Lee could do to at least inform games4all.biz of what's going on? If it is an intentional attack, can't the authorities be notified?

> But if they were all coming from the same site, isn't there something Lee could do to at least inform games4all.biz of what's going on? If it is an intentional attack, can't the authorities be notified?

Yes, and I've done both. This time it was a different file, which leads me to feel good about the file privileges I set last week on the other area it was going into. Meaning, it appears I solved the issue from one angle, but they came at a different angle this time.

> So game4all is intentionally attacking the HQ? I don't know how any of this works but why would the same site constantly send viruses here? Are the owners of the site just retards that don't know what the definition of subtle is?
>
> Thanks for replying Lee.

Essentially, a 'bot' is source code/programming set up so that, when it's executed, it performs artificial intelligence tasks. In our case, the bot scours the net for certain vulnerabilities. Once it comes across one it can penetrate, it simply injects code which calls up trojans, spyware, or whatever it's programmed to do.

I have all the patches in place for the forums as called for by Invision Power Services (the developers of the HQ's forum software). I also have the directories the files were in that got compromised last week set up with stronger permissions/restrictions than Invision requires. However, the bot found another file to edit. I quickly reverted the file back to the clean version and set the restrictions on it as I did above with the others. I would like to be able to set that for the whole forum directory, but unfortunately, there are areas that need to have somewhat open/limited restrictions.

I know it's a royal pain in the ass, but myself as well as others are on it. Just like the other bugs/issues we've resolved in the past.

-L
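
An added example, not part of the post above or of the forum software: one way to automate the two steps it describes (spotting an edited file against a known-clean copy, and finding files left writable by group or others) while exempting areas that must stay open. The file names, the `uploads` prefix and every function name are hypothetical, and the tree is constructed in a temporary directory.

```python
import hashlib, os, tempfile

def snapshot(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def audit(root, baseline, writable_ok=()):
    """Report drift from a clean baseline; writable_ok prefixes are skipped."""
    def skip(rel):
        return any(rel.startswith(p.rstrip("/") + "/") for p in writable_ok)
    current = {r: d for r, d in snapshot(root).items() if not skip(r)}
    clean = {r: d for r, d in baseline.items() if not skip(r)}
    return {
        "modified": sorted(r for r in current if r in clean and current[r] != clean[r]),
        "added": sorted(r for r in current if r not in clean),
        "missing": sorted(r for r in clean if r not in current),
        "writable": sorted(r for r in current  # 0o022 = group- or world-writable
                           if os.stat(os.path.join(root, r)).st_mode & 0o022),
    }

def put(root, rel, body, mode=0o644):
    """Write a constructed sample file with an explicit permission mode."""
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(body)
    os.chmod(path, mode)

def demo():
    """Constructed forum tree: baseline it, tamper with it, then audit it."""
    with tempfile.TemporaryDirectory() as root:
        put(root, "index.php", b"<?php // board entry point\n")
        put(root, "sources/login.php", b"<?php // login form\n")
        put(root, "uploads/avatar.png", b"constructed image bytes")
        baseline = snapshot(root)
        # Simulated change: one script edited, one file loosened, one normal upload.
        put(root, "sources/login.php", b"<?php // login form\n<!-- constructed injected markup -->\n")
        os.chmod(os.path.join(root, "index.php"), 0o666)
        put(root, "uploads/new.png", b"constructed upload")
        return audit(root, baseline, writable_ok=("uploads",))

if __name__ == "__main__":
    print(demo())
```

The baseline has to be taken from a copy known to be clean and stored where the web server account cannot write, otherwise whatever edits the forum files can edit the baseline too.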

Ok, this has just got me wondering a couple things. What OS are your servers running? And the whole IPB is php right? Where are the vulnerabilities coming from that are allowing them to write files on your server (the code for the board right?) In which case, I would think you should be yelling at Invision, as their software has some sort of vulnerability.

Of course I could be way off.

Well no offense to anyone, but if it is invision that has the loopholes that these F*@#ing Trojans are coming in through then they need to fix the problem. My computer at work is locked up because the county's firewall caught and eliminated the Trojan, but I had to take my computer off the network until IS resets my configuration. Hopefully, I won't have to explain where it came from because it showed up when I logged into here on Friday, so I know it came from the HQ.

If protection from the viruses, bots or trojans needs to be beefed up to protect the computers of HQ members then do it, otherwise members may stop coming here until such time it becomes safer to run our computers safely.

 

Maybe someone should send Game4all a few toys to play with, there has to be someone on here that is knowledgeable with this kind of stuff to send them a couple of nice surprises.

> Essentially, a 'bot' is source code/programming set up so that, when it's executed, it performs artificial intelligence tasks. In our case, the bot scours the net for certain vulnerabilities. Once it comes across one it can penetrate, it simply injects code which calls up trojans, spyware, or whatever it's programmed to do.

So what's the point of this 'bot?' Is it just a way to generate more traffic for game4all or their clients? I don't understand why the same site would be sending worms here over and over. Each time I browsed their sites my anti virus and firewall never went off, plus there were never any prompts to download any weird files. So other than a lack of taste, I don't think there's anything wrong on their end. Or is it just a coincidence that the file is always coming from them?

i came on the site the other day and my antivirus started going crazy. it kept blocking files but my web browser froze up and i couldn't even mouse the start menu. i had to manually shut the computer down via holding the power button for 5 seconds.

i lost about 3 hours time in work on the computer. i (normally save every 3-5 hours).

this bot problem is bullshit. i'm not normally one to complain but this is pathetic. Invision seems like some easy shit to compromise because these problems are continually ongoing. it's problems like that that force me not to become a donating member. i guess i'm just a little pissed because i lost some work i was doing.

instead of just bitching about the problem, i'll offer a suggestion. why not move to another brand of software? hell put up a fund drive if ya have to. i would probably donate to that. i know it's probably a pain in the ass to convert over to a new forum software but hell it's also got to be a pain to be patching the forum and deleting worms and all that kind of shit on a continual basis.

sorry for my bitching, i guess i'm just venting.

> Maybe someone should send Game4all a few toys to play with, there has to be someone on here that is knowledgeable with this kind of stuff to send them a couple of nice surprises.

yeah man it's called we find the location of their operations and break in there, beat everyone up and steal their computers and sell them on ebay.

Edited by csrmel
I f'd up my work computer last night too. That's what they get for using shitty anti-virus protection w/ shitty PC's. I had to manually track all that crap down - took about 1.5 hours. From now on I don't think I'll be visiting the HQ cept on my Mac at home.

This is an email I got a long time ago...

> ----- Original Message -----
> Subject: byrus
>
> BUENOS DIAS!!!-- JOU HAVE YUST RECEIBED A MEHICAN BYRUS.
>
> SIN WE NO HABE SO GOOD TECHNIOLOGICALLY ADBANCE IN MEHICO, DEES IS A
> MANUAL BYRUS.
>
> PLEESE DELETE ALL JOUR FILES ON JOUR HARD-DRIVE JOURSELF AND SEND
> THEES E-MAIL TO EBERYONE JOU KNOW.
>
> TANK JOU FOR HALPING ME.
>
> --JULIO MANUEL JOSE RODRIGUEZ-GARCIA----
> MEXICAN HACKER
