[Old] Strange JavaScript on our forum!

User avatar
Q-Ball
Global Moderator
Posts: 849
Joined: Tue Jan 13, 2009 5:55 pm
Primary Device: Sony Ericsson Xperia Mini pro
Operating System: Android 2.3.2
Contact:

[Old] Strange JavaScript on our forum!

Postby Q-Ball » Sat Apr 17, 2010 9:44 pm

If you haven't got decent Firewall or Antivirus, I advice you to download one somewhere!
Its very important because this JavaScript can load a Trojan on your computer.

If somebody know who loaded it to our website, please contact with CloudStrife86, i900frenchaddict or me.
Thanks for understanding.
Image

User avatar
i900frenchaddict
Global Moderator
Posts: 2114
Joined: Sat Feb 21, 2009 10:47 am
Primary Device: Galaxy Note 2/ HTCs
Location: France
Contact:

Re: http://61.4.82.212/js.php

Postby i900frenchaddict » Mon Apr 19, 2010 12:58 pm

it s also impossible to register a new account because the security criptograph doesn t display..... :?

User avatar
Q-Ball
Global Moderator
Posts: 849
Joined: Tue Jan 13, 2009 5:55 pm
Primary Device: Sony Ericsson Xperia Mini pro
Operating System: Android 2.3.2
Contact:

Re: http://61.4.82.212/js.php

Postby Q-Ball » Mon Apr 19, 2010 9:08 pm

Hell, something wrong here. Hope Schtruck will return and fix it.
Image

User avatar
ukbreakbeat
Enthusiast
Posts: 174
Joined: Sat Dec 26, 2009 5:54 pm
Primary Device: HTC HD2
Operating System: 6.5
ROM: 1.66 stock
Contact:

Re: http://61.4.82.212/js.php

Postby ukbreakbeat » Tue Apr 20, 2010 4:26 pm

er yeah... i think i just got redirected to some faux anti spyware/anti virus bullshit site when visiting back here for the first time in a while.


user avatars arent displaying correctly now also.


hacked?

User avatar
i900frenchaddict
Global Moderator
Posts: 2114
Joined: Sat Feb 21, 2009 10:47 am
Primary Device: Galaxy Note 2/ HTCs
Location: France
Contact:

Re: http://61.4.82.212/js.php

Postby i900frenchaddict » Tue Apr 20, 2010 6:10 pm

Same for me for the bullshit website, considered as dangerous and blocked by firefox.

Houston, we've got a problem!

User avatar
Tatsumaki Senpūkyaku
Enthusiast
Posts: 164
Joined: Wed Jan 27, 2010 9:38 pm
Primary Device: t8585

Re: http://61.4.82.212/js.php

Postby Tatsumaki Senpūkyaku » Tue Apr 20, 2010 9:57 pm

Code: Select all

Threat characteristics of ZBot - a banking trojan that disables firewall, steals sensitive financial data (credit card numbers, online banking login details), makes screen snapshots, downloads additional components, and provides a hacker with the remote access to the compromised system.

sounds bad :? link

ps. Using 'NoScript' on Mozilla.
tatsumaki's corner
Minds are like parachutes, they both work best when open.

User avatar
Q-Ball
Global Moderator
Posts: 849
Joined: Tue Jan 13, 2009 5:55 pm
Primary Device: Sony Ericsson Xperia Mini pro
Operating System: Android 2.3.2
Contact:

Re: http://61.4.82.212/js.php

Postby Q-Ball » Wed Apr 21, 2010 6:08 am

We need something to do!
At first maybe we should tell everybody to stop Logging-in if they haven't got decent firewall.

Of course... who could it be...
Analysis of the file resources indicate the following possible country of origin:
Russian Federation

Hell, why cant you stop it? Why you always need to make such a problems?
Schtruck made FREE FpseCE version for You, so USE IT if you're SO SMALL to earn money like big boys.
Image

User avatar
i900frenchaddict
Global Moderator
Posts: 2114
Joined: Sat Feb 21, 2009 10:47 am
Primary Device: Galaxy Note 2/ HTCs
Location: France
Contact:

Re: [Important] Strange JavaScript on our forum!

Postby i900frenchaddict » Wed Apr 21, 2010 8:40 am

Actually I don't think they can steal supporter version or anything else from the forum now.
And the automatic delivery system is crashed (not because of a script, because it regularly crashes, and Schtruck is away) so there's really nothing to steal.......but I hope this won't damage the forum itself.

User avatar
Tatsumaki Senpūkyaku
Enthusiast
Posts: 164
Joined: Wed Jan 27, 2010 9:38 pm
Primary Device: t8585

Re: [Important] Strange JavaScript on our forum!

Postby Tatsumaki Senpūkyaku » Wed Apr 21, 2010 9:40 am

Actually I don't think this is about the supporter version, yet.
According to this Thread, i can't tell you for shure if this is even just an fpsece problem.

But hacking some email Accounts>changing passwords on them>requesting new versions> and spreading numerous supporter versions might could make some trouble as the original users would lose all access to it.

But don't listen to me, i don't know who we are dealing with.
tatsumaki's corner
Minds are like parachutes, they both work best when open.

User avatar
Q-Ball
Global Moderator
Posts: 849
Joined: Tue Jan 13, 2009 5:55 pm
Primary Device: Sony Ericsson Xperia Mini pro
Operating System: Android 2.3.2
Contact:

Re: [Important] Strange JavaScript on our forum!

Postby Q-Ball » Wed Apr 21, 2010 11:50 am

It actually cant steal supporter version, but if this virus (keylogger!) will be loaded on you PC, it will get your E-mail address and password, isn't it? I work in IT sphere (as NetEngi) so I know what can do Keyloggers :P
So the only ones who can suffer - FpseCE supporters.
Image


Return to “General Discussion”

Who is online

Users browsing this forum: No registered users and 3 guests