chris_venturini Posted September 30, 2010 Posted September 30, 2010 Every time I access the site as of today it takes me to some "anti-spyware/virus" site and wants to install software that I can only assume is malicious. Anybody else experiencing the same thing? Quote
Tim Comeau Posted September 30, 2010 Posted September 30, 2010 Ok, don't click on the link. And don't click on the fix. THAT said I had 9 viruses. I updated my Norton anti virus and ran it. In reality, I had 1 virus. In other words, the cure IS the virus loader. Quote
Weston Posted September 30, 2010 Posted September 30, 2010 Yeah, looks like 944-Spec.org is loading and then redirecting to a scam/virus site. It's not uncommon for malicious websites to masquerade as anti-virus/anti-spyware tools that open pop-ups claiming you have viruses (which they couldn't possibly know at that point), and then you're hosed if you install or use their "solution". Quote
JerryW Posted September 30, 2010 Posted September 30, 2010 I sent an e-mail to Ken this morning when I noticed it - stupid virus tried to put windows code on a Linux system. lol Quote
JerryW Posted September 30, 2010 Posted September 30, 2010 Ken tells me that the site is fixed and he is doing forensics now to find how the hack happened. It should be safe to visit again but (as always) keep your anti virus up to date ! Quote
ianacole Posted September 30, 2010 Posted September 30, 2010 Still some issues ... clicked on the "Driver Info" tab and was redirected. Quote
pixrken Posted October 1, 2010 Posted October 1, 2010 The site was indeed hacked on 9/30 6:41am Looks like a admin account might have been compromised. It inserted code in the form of <?php /**/ eval(base64_decode(".........."));?> which did a redirect, open up a iframe and played a video simulating a windows virus infection, hoping the user would think it's real and click on it. I'm sure Linux and Mac users find it amusing but some windows users might not realized they got played. I did a global search thru the entire site and removed the offending code and made changes to some files and directory permissions. I know where the attack came from and still studying how the the payload was installed. Quote
Cheap_Thrills Posted October 1, 2010 Posted October 1, 2010 They didn't know who they were messing with. Get em, Ken. Quote
bamf3000 Posted October 4, 2010 Posted October 4, 2010 I'm still getting this error and redirect to virus scan blah blah blah. Just as a heads up, doesnt look like its fixed. Quote
JerryW Posted October 4, 2010 Posted October 4, 2010 Yup - looks like it is still there when accessing the Tech Articles link from the home page. Update sent to Ken - but he should see this thread as he's posted in it. Quote
Tim Comeau Posted October 4, 2010 Posted October 4, 2010 Dear hacker, One more naughty act and Ken is going to unleash the power of PIXAR on your sorry a$$! He'll digitize you and re-animate you into a Monster's Inc. character....That's right. One BIG eye in the middle of your face. Quote
pixrken Posted October 4, 2010 Posted October 4, 2010 It's fixed again. Left a snare to check for backdoor and it was tripped and module located. The problem with a using a content management system is it's only as strong as it's weakness third party components. Working on upgrading components. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.