Get exclusive CAP network offers from top brands

View CAP Offers

Trojan found from gam website

[bsa_pro_ad_space id=2]
  • This topic is empty.
Viewing 15 posts - 1 through 15 (of 24 total)
  • Author
    Posts
  • #680099
    Anonymous
    Inactive

    I will take a look, love looking at viruses. I find them interesting, but I doubt a site can spawn a threatening virus. Perhaps it could had been a feeble attempt to install some spyware or adware. greek39

    #680116
    Anonymous
    Inactive

    Have you not seen Microsoft’s “rush released” patch for wmf (metafile) images this week? Someone discovered a vulnerability whereby you coul dplace malicious code in one and just visiting a webpage could trigger it. Its been wreaking havoc.

    #680121
    Anonymous
    Inactive

    Yes I have the patch was realeased befor xmas. It is a nasty worm old school language but I have never been worried about viruses of any kind. The only one worth worrying about are the ones realeased by oldtimers.

    The IE shield will always have holes for all eternity. greek39

    #680128
    Anonymous
    Inactive

    Don’t worry about it – it is NOT a virus. It is simply a small exploit in IE that allows a page to be cloaked based on certain conditions. I don’t want to go into details about what exactly the exploit does and why a webmaster would want to use it (all I need is a bunch of affiliate drones using my tricks to compete with me) – but I will say that it’s nothing to worry about and in no way jeopardizes your computers privacy or security.

    #680150
    Anonymous
    Guest

    well I very much didn’t appreciate it and would never again visit any site that set that warning off simply because … why risk it?

    consider throwing your bag of “tricks” out the window and just approach things the way you would want to be treated if you were the surfer; and not the webmaster.

    I feel I’d be wasting my breath to go into it much further because IMHO people who look for the short cuts in life seldom are willing to listen to those that have went before them for anything much more than to be pointed in the right direction.

    But what I said is good advice.

    #680155
    Anonymous
    Inactive

    For the record that website is not mine – I’m simply letting people know that this is not a virus and is simply a piece of code that examines your system set up a bit too much for some firewalls (setting them off).

    #680217
    Anonymous
    Inactive

    So I guess some sort of hacking code. I will investigate this one sounds interesting. I sure hope its not a malicious attack. greek39

    #680220
    Anonymous
    Inactive
    bb1webs wrote:
    Hi all,

    every once in a while I check out the competition as I know many of you do as well; or at least I sure get my share of visits from CAP members :)

    anyway, so I was checking out a site competing with me at a PPC (ya that’s right, I clicked on their link, and I feel confident I’m still way behind if anybody’s been keeping track because this is the first time in about 2 years I’ve bothered to look around and I know I get my share of other webmasters clicking on my links; so don’t even start with me on that one :)

    and anyway I was surprised to have my McAfee jump up and say

    the site was at (DON’T go there unless you have virus protection as it automatically came on my PC):
    xhttp://www.turbogambling.org/?src=o&kwd=cs

    just curious if anybody knows what the angle is on this?

    Trojans hmmmm. Well anytime there is something like that involved you know its not a good thing.

    I am confindent what you have is a trojan worm of the worst kind find the path from you anti virus program and delete manually. As per my previous post.

    What happened a couple of months ago Microsoft finally found a hole in their firewall, which has been there for years. I knew about this long before microsoft. Microsoft released a patch for it in December, 2004 for those people who did not updated are acceptable to theses kinds of attacks. After some malcious hackers heard the announcement from microsoft they lauched a new virus campaign. The automatic update feature for this patch does not work. You have to go right to Microsoft.

    The hole allowed access to would be malcious hackers, spyware distributors to totally take over your computer.

    I have the newest patch also but after running some checks it too has holes. But install the newest patch, Go back to your anti virus program find the virus it deleted. Get the path name run a search to make double sure its gone.

    The worm likes to change language so even though you may thought it to be gone it still there. greek39

    #680235
    Anonymous
    Inactive

    LOL, your posts always crack me up greek :blahblah:

    Anyone else notice that every one of greeks posts makes him out to be an expert in whatever topic is being discussed, from computer security to international gambling law? Go take a look…

    So tell me greek, how is exactly is a text file in the default cookies folder explicitly being accessed “a trojan worm of the worst kind”? Anyone with a solid knowledge of client side scripting could easily see exactly what the javascript is doing to set off the firewall, and it is far from malicious! I don’t normally like to single out someone like this, but greeks posts are getting ridiculous so I’ll be the one to call him out. Greek, if you don’t know what your talking about (which for this topic you clearly do not) please stop announcing to the community that the sky is falling and that everyone should be very worried about the seriousness of whatever issue, when there is absolutely no reason to ring the alarm bells.

    I’ve said my piece… feel free to prove me wrong and explain to the community exactly how this code is indeed a very series worm that exploits a hole in Microsoft’s firewall because I know I am certainly all ears.

    PS: Next time you find a serious Microsoft flaw years before others will discover it let me know, because it is a publically known fact that Microsoft pays security consultants (aka white hat hackers) tens of thousands of dollars for any significant exploit they find in a Microsoft product :D

    #680240
    Anonymous
    Inactive

    What is a IEPageSpoof trojan so whats the problem

    The Problem

    The DHTML Editing Control is vulnerable to a cross-domain violation. When the DHTML Editing Control opens the content from a website, it appears to operate within the security context of that website. While the DHTML Editing Control has the security context of the opened site, the DHTML Editing Control is under full control of the page that hosts it. Working indirectly through the DHTML Editing Control, a website in one domain has the ability to access information in another domain or zone.
    II. Impact
    By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message), an attacker may be able to execute script in the Local Machine Zone. Script that executes in the Local Machine Zone can be used to download and execute arbitrary code. An attacker may obtain full access to web content in another domain, which may reside in a different security zone. The impact is similar to that of a cross-site scripting vulnerability. This includes the ability to spoof or modify web content, access website information such as cookies, or retrieve data from an encrypted HTTPS connection. For a more detailed description of the impact of cross-site scripting vulnerabilities.

    I never claimed to be an expert at anything. Now take a good hard look at the facts. Its a worm!!!launched via email or website installs scripts which can do many things. Now its your turn do be the expert and tell me what this says. Because I viewed this worm last week. greek39

    #680246
    Anonymous
    Inactive

    Here’s some more this is the one I invited in last week.

    Currently, security firms are warning that machines can be attacked if users do any of the following:

    open a malicious .WMF file in Windows Picture and Fax Viewer

    open a malicious .WMF file in Windows Picture and Fax Viewer

    or preview a malicious .WMF file in Windows Explorer

    However, the number of attacks could increase dramatically if malicious hackers find more automated ways to target systems, such as using e-mail, instant messages or file sharing, according to Ken Dunham, director of the rapid response team at VeriSign’s iDefense.
    Attacks so far have been limited to installation of adware and spyware on compromised machines, but “you’re probably going to see Trojans and more sinister code develop and emerge in the next few days,” Dunham said in an interview.
    There is no patch for the security hole. While some workarounds are being suggested on the Web, Dunham is only validating this one for disabling .WMF file handling: First, users should click on the Start button on the taskbar. Then they should click on Run, type “regsvr32 /u shimgvw.dll” and click “Ok” when the change dialog appears.
    However, Dunham warns that recent vulnerabilities related to .WMF have also included .EMF files and that “it is possible that exploitation might still be possible through alternative file types such as EMF,” he wrote in an e-mail alert. “For now, the WMF disabling workaround may help mitigate attacks against vulnerable Windows XP/2003 computers. This workaround may impact the display of thumbnails or other images on the computer.”
    Microsoft is investigating “new public reports of a possible vulnerability in Windows,” said a company spokesman. “Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a fix through our monthly release process or issuing a security advisory, depending on customer needs.”
    In the meantime, Microsoft encourages its customers follow its recommended security practices, he wrote. Users who believe they have been affected can contact Microsoft’s product support team, he wrote. Ways to make this contact vary depending on where users are based. More information can be found on the Microsoft website.Dunham characterises the threat as “significant,” while Secunia rates it “extremely critical.” Symantec Corp. labels it as a “level two” threat, on a scale in which “level four” is the most critical.
    Secunia lists the vulnerable operating systems as Windows Server 2003 Datacenter Edition, Windows Server 2003 Enterprise Edition, Windows Server 2003 Standard Edition, Windows Server 2003 Web Edition, Windows XP Home Edition and Windows XP Professional.

    Geeze there can’t be holes in the windows firewall? Read the book get the key and learn. But please there is no need to attack my character. Junket

    #680248
    Anonymous
    Inactive
    ClarkePromotion wrote:
    Don’t worry about it – it is NOT a virus. It is simply a small exploit in IE that allows a page to be cloaked based on certain conditions. I don’t want to go into details about what exactly the exploit does and why a webmaster would want to use it (all I need is a bunch of affiliate drones using my tricks to compete with me) – but I will say that it’s nothing to worry about and in no way jeopardizes your computers privacy or security.

    So I must ask do you use this nasty technigue to compete? It appears you have stated it. Its a black hatter trick. The trick you employ is not ethical one thats for sure. This is what IEspoof is for deception. greek39:flamer:

    #680249
    Anonymous
    Inactive

    If I used these shameful tricks I too would be defensive. Go back to your black hatter club scum bag. I got the facts now!!! Grow a freakin brain. No wonder you trying to devert attention away from who you are. Thats your motivation behind your stinkin post.

    #680262
    vladcizsol
    Member

    Guys this is an interesting post so lets not get off topic with personal wrestling matches.

    Clarke Promotion please do not flame other members. You clearly started this dispute with Greek and it was unwarranted. Cut it out, we dont flame each other here at CAP. :nono:

    #680275
    Anonymous
    Inactive

    I apologize and will respectfully stop. Greek39

Viewing 15 posts - 1 through 15 (of 24 total)