website compromised

Mulletsoda

Member
I second the compromised website, URL : http://www.hydrogrowled.com/

First time I visited I was redirected to www1.firesavez7.com, where I received a pop-up warning "Warning, your computer is at risk of malware attacks. We recommend you to check your system immediately. Press OK to start the process now", giving you only OK as a choice.

Then it lands on http://www1.firesavez7.com/?p=p52dc...SZpueZVahp2R1lV+ZY2OXZpqcl1ealXOppomwm5h2bHFs, where it acts like it's doing a scan of my Windows computer ( Hm... I'm running linux, so how does my My Documents folder have viruses?? ), finding several. Then it tries to force a download of : http://www1.savemypc1.xorg.pl/mak10...wm5h2bHFsXqzWj6fTlW2gmaCcqpbOlVbMk7XJx5qpb2c= ... here's the VirusTotal result from the .exe that got dropped : http://www.virustotal.com/analisis/...e09c4a712b71408d69d2eb04c8dcf7e938-1273320112

This only happens the first time I visit the main site, repeated visits do not trigger this behavior. Clearing my cache and cookies, then revisiting the site, does result in the download being dropped again.

This isn't unusual, websites are compromised every day, it's not a super big deal. Contact the person who manages the site, it's something that needs to be taken care of. Nice site, though providing a Wikipedia link to back up your claims isn't the most credible source. ;-)

Off this topic, though... do your lights use PWM? I have yet to look deep into LED grows, but from my experience with LEDs, you can get much more out of them with a 20-30% current increase on a 10% duty cycle. Is that something that would make a difference, has it already been implemented? I know that modifying the amount of current flowing through the LED can affect the output wavelength, too... I'm curious as to what conclusions you've reached on that topic. LEDs are definitely on my todo list; I'm watching, I believe in LED technology.
 

Mulletsoda

Member
http://img98.imageshack.us/img98/5001/screenshot4y.png

Just remember, folks... no website will ever be able to tell you that you have a virus. Do not EVER believe if someone (something) both tells you there is a problem and offers to fix it. It makes me sad that so many people fall for these things every day...

Any real, professional program will not contain grammatical errors or mis-spelled words like
"Windows Web Security have detected Trojans and ready to remove them"

"can gather information from user's computer throught Internet connection"

Stay safe, and good luck!!

PS LEDgirl (or whoever runs that site) your site has not yet been flagged by Google as a malware distributor, if you can get it fixed before then, it'll save you tons of work.

http://giftbusinessowners.com/has-your-website-been-hacked-or-compromised.html

http://www.stopbadware.org/home/security
 

mrwags

********* Female Seeds
ICMag Donor
Veteran
If it is the one that when completed acts like it's Windows and needs to delete viruses it found, it is a bitch to get out of your system once installed and the picture shown above is EXACTLY what I'm talking about.

Good heads up by you guys. Looks like one of the trouble makers that got banned for stirring shit in her forum bought himself a new book at the Geek Convention last week.


Have A Great Day
Mr.Wags
 

Mulletsoda

Member
99% of the time websites are compromised by automated attacks; there's rarely any type of human decision involved in this. It was most likely a bot that was systematically scanning entire ranges, looking for unpatched or open systems. If it was a targeted attack motivated by an angry desire for revenge, I would think they would deface the website instead of a minor exe drop. It's unfortunate, but actually pretty common.
 
tokinafaty420

Yeah her website was compromised due to the computer used to access it. Whoever does her web admin work probably has a keylogger/trojan on their computer.
 

Skip

Active member
Veteran
One of my sites was hit by this about six months ago.

EVERYONE NOTE: If you visited the LED site you MUST run an anti-virus with a ROOT KIT scan to get rid of it.

That means you must PAY for the anti-virus as few free ones will do that in-depth a check of your computer!

If ever there was something worth paying for, it's a good antivirus program. I recommend Zone Alarm.

There is a cyberwar going on, and if you're not protected, you shouldn't be on the Net!
 

LEDGirl

Active member
Veteran
We found out about the problem late last night and are working to resolve the issue. Someone obviously hacked our site, no doubt it was someone who had something to gain from it like one of our competitors (just so happens one of them called me on the phone 2 days ago more or less asking for a "truce"). Hopefully we will have the problem resolved today, and the culprits identified.

I will inform you when it's OK to visit the site again...
 

Mulletsoda

Member
Stay safe

That means you must PAY for the anti-virus as few free ones will do that in-depth a check of your computer!

There are actually several very good root kit removers available for free. It's in everybody's interest to help stop/slow the spread of malware. To protect their paying customers, many security firms offer free versions to help lower the number of bots out in the wild, in turn making it safer for subscribers. Paying for them will get you more features, but the free versions are quality, too. Here are a few links to help out if anybody thinks they may have gotten internet STDs, these are rootkit detectors/removers...

http://download.cnet.com/windows/sp...filterName=licenseName=Free|&tag=ltcol;narrow

http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html

http://www.gmer.net/#start

http://www.techsupportalert.com/best-free-rootkit-scanner-remover.htm

All of the antivirus/root kit removers linked here are from major antivirus firms and are provided for free to the public. There is a very active and helpful community devoted to protecting the masses on the internet, cost free. You could also consider switching to an open source alternative like Ubuntu...

http://download.cnet.com/windows/an...filterName=licenseName=Free|&tag=ltcol;narrow <~~ A list of antivirus software, free licenses for non-commercial use.

Again, sorry about the site, bad luck there! Good luck in the future!
 

LEDGirl

Active member
Veteran
Thank you Mulletsoda!

That is valuable information and I'm sure others will also appreciate it. I downloaded Sophos and have it running right now.
 

Skip

Active member
Veteran
Yeah, good one Mulletsoda! :)

I still think it's good to pay for an antivirus/firewall because they do a lot to protect you and no, you're not likely to find that level of service for free. You want your antivirus to stop the virus before it infects your machine.

I've tried a LOT of freebies over the years and few were any good (zone alarm's freebie being one of the best). In fact relying upon freebies caused more problems than they solved, mostly cause they often give you a false sense of security (cause they always lack features you need). Again I say it's worth it to spend $30-$40 to keep your life's work safe and intruders out.

I do worry about American software companies being compromised security wise by the gov't. The US gov't gets keys to every piece of US software apparently, esp. the most popular ones, so they can eavesdrop on any computer running US software. If you don't believe me, then read up on the latest US efforts against cyberterror and you will realize NOTHING is sacred or private that's electronic.

One must learn to accept that reality and live with it, and not engage in illegal activities, esp. on the net, so ppl don't have to live in fear of their own gov't... (yeah, right!)
 

smile

Active member
Seems there's still a virus on the website. I just went there and my AVG antivirus blocked access to the site because of a virus there.
 
mSeTxOiNcEaRn

I've had that happen before but I learned not to click on anything once that happens. I just open my task manager and end process from there. I use Panda Internet Security and it does a good job.
 

slackx

Active member
Veteran
www.superantispyware.com

www.malwarebytes.org

Both free scanners with root kit scanning included :)

One of my sites was hit by this about six months ago.

EVERYONE NOTE: If you visited the LED site you MUST run an anti-virus with a ROOT KIT scan to get rid of it.

That means you must PAY for the anti-virus as few free ones will do that in-depth a check of your computer!

If ever there was something worth paying for, it's a good antivirus program. I recommend Zone Alarm.

There is a cyberwar going on, and if you're not protected, you shouldn't be on the Net!
 
I have the best free anti-virus software of all, Ubuntu, I can download any Windows virus and it will just sit there on the HDD looking like a dumb sh!t and doing nothing.

Windows is a virus with mouse support! :D
 

LEDGirl

Active member
Veteran
The site is back online now and will be changing over the next week to resemble more of what it used to. Shopping functionality is restored and the virus attack is now gone. I have restored the link in my signature, and Skip should be getting our banner back online soon.
 
