GH compromised?

noodles256

02 Apr 2011, 23:30

I open the webpage up today and googlechrome blocks me and states this site has known to cause malware to be installed onto your computer by drazelus.cr.cc or something like that?

Anyone run into this?

Edit: site is known as drelarus.cz.cc

User avatar
keyboardlover

02 Apr 2011, 23:31

Me and manfaux noticed that too. Doesn't seem good.

noodles256

02 Apr 2011, 23:34

Yea, I still logged on.

it is just annoying because it pops up everytime I access a page.

User avatar
acfrazier
Mad Scientist

02 Apr 2011, 23:53

Image

This is the problem. Injected iframe.

User avatar
webwit
Wild Duck

03 Apr 2011, 00:11

Ouch.

kektr0city

03 Apr 2011, 00:12

yea i'm getting this error when i visit the site. like wtf mate?
Attachments
gh_security.jpg
gh_security.jpg (135.84 KiB) Viewed 11986 times

xbb

03 Apr 2011, 00:20

now it's fixed

User avatar
webwit
Wild Duck

03 Apr 2011, 00:21

Smelled like sql injection.

JBert

03 Apr 2011, 00:36


User avatar
keyboardlover

03 Apr 2011, 01:29

IMav says its resolved.

User avatar
webwit
Wild Duck

04 Apr 2011, 03:33

My picture injection was better.

ripster

04 Apr 2011, 04:42

Needs MOAR RUSSIAN PORN!

Please see Runeazn's forum for links.

http://www.clickykeyboards.tk/phpBB3/vi ... 296f27fff8

There a few combinations I don't remember trying yet.

User avatar
Minskleip

05 Apr 2011, 14:37

I wouldn't like a cream pie surprise in my keyboard.

User avatar
muchadoaboutnothing

05 Apr 2011, 15:42

Fun little injection in a vulnerable plugin that allowed an XSS attack. Exploited a help center link vulnerability patched in late 2010 for Server 2k3/XP and a Java exploit only patched in the latest version of the runtime environment (and when java updates, it leaves old versions installed by default).

Clean now, it seems.

ripster

05 Apr 2011, 18:09

I'm more worried about the Epsilon breach.

I haven't gotten so much Spam on my alternate Gmail accounts since the Geekhack Group Key Buy Three.

User avatar
muchadoaboutnothing

05 Apr 2011, 18:38

I haven't had any change in spam volume since the Epsilon breach. I've actually gone down as of late; I expect this is due to Rustock getting taken down. Got 3 or 4 emails from companies that used them though warning me.

Mostly nigerian scams nowadays. I send an email back saying I can't get the forward funds until I get TWO HUNDRED US DOLLARS ($USD) to UNFREEZE THE FUNDS in my CITIBANK ACCOUNT. Once the funds are UNFROZEN I will tender them to you for this mutually beneficial business transaction.

I've gotten a couple replies from doing that. Some of the scammers were amused (well done), others were angry.

itlnstln

05 Apr 2011, 19:51

Ha. Geekhack is now categorized as a "malicious web site" by Websense. Oh well, that's the end of my participation there. I don't have the interest anymore to contact Websense to have them re-categorized.

User avatar
Peter

05 Apr 2011, 20:03

WEBSENSE ??
SO FUCKING WHAT ????
How much do you think the advertizers are paying websense to not flag THEM for the
third-party CRAPWARE they are responsible for distributing ?

User avatar
sixty
Gasbag Guru

05 Apr 2011, 20:11

My personal website, keyboardporn is tagged by almost all of those firewall distributions as well for the name alone!

User avatar
muchadoaboutnothing

05 Apr 2011, 22:20

itlnstln wrote:Ha. Geekhack is now categorized as a "malicious web site" by Websense. Oh well, that's the end of my participation there. I don't have the interest anymore to contact Websense to have them re-categorized.
Is it still blocked? I could shoot off an email to suggest@websense.com to get it delisted if it still is.

ripster

05 Apr 2011, 22:26

Try it. Right now the only lulz at Geekhack is a guy dressed up in a Panda suit so I want ItlnStln back!
Image

User avatar
webwit
Wild Duck

05 Apr 2011, 22:56

Send them this picture.

Image

Pylon

06 Apr 2011, 05:05

Well, I got infected so I decided I might as well do a reinstall.

Results:
1. Spent 2-3 hours reinstalling all my drivers and programs. (the Dell disk they included with my laptop doesn't include the drivers, so spent ton of time downloading and installing them) Went to bed at 12.
2. Tried to upgrade to Firefox 4. I didn't like the new interface and I was way too used to FF3, plus some of my addons don't work, so I moved back to 3.6. Also, the reinstall made me lose all my usual Awesome Bar addresses.
3. Finally fixed my Track Stick scrolling issues. Yes! (I had tons of scrolling issues on my Alps/Dell trackpoint unit on my laptop - it would jump around the page randomly at times). Now it's gone.
4. It's not really faster (I have a 5400rpm HDD that slows me down a lot).
5. Got rid of a ton of unnecessary programs since I didn't bother reinstalling them.
6. Got rid of a ton of rarely used bookmarks.
7. Cleaned up my desktop significantly.

ripster

06 Apr 2011, 07:28

I also enjoy spring cleaning. But next time get a SSD first.

itlnstln

06 Apr 2011, 14:02

Still blocked. It's fine for now, though. I have a ton of stuff I need to do at work, and this prevents me from wasting too much time. That, and like Ripster alluded to, there's not really a whole lot of lulz there anymore. Between that and a general lack of keyboard news, I kinda need a break anyway.

User avatar
webwit
Wild Duck

06 Apr 2011, 14:15

What do you mean "a general lack of keyboard news" ?
Man, Unicomp released a new model M Space Saver.
And think about all the exiting new brands sporting almost identical Taiwanese OEM Cherry products.

ripster

06 Apr 2011, 16:46

itlnstln wrote:Still blocked. It's fine for now, though. I have a ton of stuff I need to do at work, and this prevents me from wasting too much time. That, and like Ripster alluded to, there's not really a whole lot of lulz there anymore. Between that and a general lack of keyboard news, I kinda need a break anyway.
OCN is a good place to lurk for the lulz.

Keyboard GHOSTING!!!
http://www.overclock.net/keyboards/9838 ... oblem.html

noodles256

06 Apr 2011, 19:20

I hope I didn't get infected.

itlnstln

06 Apr 2011, 19:36

webwit wrote:What do you mean "a general lack of keyboard news" ?
Man, Unicomp released a new model M Space Saver.
And think about all the exiting new brands sporting almost identical Taiwanese OEM Cherry products.
Exactly.

The sad thing is, two years ago, this would have been a coup. Now it's just yawn-worthy.

ripster

06 Apr 2011, 20:38

Yes, I noticed how sad Geekhack was two years ago.

If it wasn't for Chloe and Sandy55 the technical content would have been a disaster!

Check for wine colored stains on your keyboard.

Post Reply

Return to “Geekhacker refugee camp”