Difficulty accessing Amibay, Alerts.
- Thread starter ratfink
- Start date
- Replies 89
- Views 2672
This is exactly why everyone should stop using java 100%.The world wide web was fine before java and all they eye candy, I think that a lot of wweb site designer should take the stance and ditch it all together, otherwise the scammers are just going to keep coming.
I refuse to run Java on my sites, just plain HTML code.
I refuse to run Java on my sites, just plain HTML code.
same here with the front page getting that cookie already sent, direct link to any thread works ok.
Using Symbian's browser on a nokia E series now
---------- Post added at 21:17 ---------- Previous post was at 20:43 ----------
Whatever it was looks sorted now.
Using Symbian's browser on a nokia E series now
---------- Post added at 21:17 ---------- Previous post was at 20:43 ----------
Whatever it was looks sorted now.
The classicamiga server was attacked over night with the index files of most sites hosted on there having a eval hash line added to the top of each files. This redirected the sites to USA.cc
I edited and removed the injected code, and it restored some sites, but some of the more complex ones like Joomla it didn't work and I'm going to have to look through them more.
All that I need at the moment.
The Amibay server wasn't affected at that time when that attack happened, but it seems similar from all your reports here. I will look at the site files when I get home from the hospital later and see what had happened.
Luckily I always alter the file structure of vBulletin sites when I set them up so the majority of the sites don't rely on the standard index files for most of it to work, so only the first home page will go down.
I edited and removed the injected code, and it restored some sites, but some of the more complex ones like Joomla it didn't work and I'm going to have to look through them more.
All that I need at the moment.
The Amibay server wasn't affected at that time when that attack happened, but it seems similar from all your reports here. I will look at the site files when I get home from the hospital later and see what had happened.
Luckily I always alter the file structure of vBulletin sites when I set them up so the majority of the sites don't rely on the standard index files for most of it to work, so only the first home page will go down.
Web Virus phishing ???
Web Virus phishing ???
Since about 3-4 hours now my Kaspersky is going nuts when i open amibay main page.
anyone else ?
404.php?go=1 Denied: http://rjnotxs.igg.biz/d/404.php?go=1 (analysis using the database of phishing URLs) 11/05/2012 21:31:51
The requested URL cannot be provided
URL:
http://rjnotxs.igg.biz/d/404.php?go=1
Blocked by Web Anti-Virus
Reason: phishing URL
Click here if you believe that the web page was blocked in error.
Detect method: databases
Web Virus phishing ???
Since about 3-4 hours now my Kaspersky is going nuts when i open amibay main page.
anyone else ?
404.php?go=1 Denied: http://rjnotxs.igg.biz/d/404.php?go=1 (analysis using the database of phishing URLs) 11/05/2012 21:31:51
The requested URL cannot be provided
URL:
http://rjnotxs.igg.biz/d/404.php?go=1
Blocked by Web Anti-Virus
Reason: phishing URL
Click here if you believe that the web page was blocked in error.
Detect method: databases
Last edited:
Tajmaster
Truth, Justice, all that stuff.
Errr,no.
The site appears to have been attacked by a malicious PHP script exploit. Foprtunately, it wasn't totally successful. There is also a URL redirect, that my Eset System Security found.
I've sent the details to Harrison and AndyLandy and we hope to get it fixed shortly.
I've sent the details to Harrison and AndyLandy and we hope to get it fixed shortly.
the index dont work for me like many others by the way. so i just used one of my history views of any post and use the new post feature.
Haven't left the site since last night and no alerts here. Doing a full scan right now with MSE though. Windows 7 and Google Chrome here.
Just FYI in case it helps with info gathering ...
Just FYI in case it helps with info gathering ...
@ all
If a Java icon appears in your systray when accessing the site, kill it immediately.
This is part of the exploit and the script may be trying to distribute malware via javascript.
I've been researching this and digging all evening to find out what happened.
If a Java icon appears in your systray when accessing the site, kill it immediately.
This is part of the exploit and the script may be trying to distribute malware via javascript.
I've been researching this and digging all evening to find out what happened.
"heads off to options>dissable java"
ok hope that keeps it away nasty things.
ok hope that keeps it away nasty things.
specialK
New member
hmmm...had the same issue but the antivirus software popped up, ran scan and all is OK. strange.
nah...edit that...still broken.
nah...edit that...still broken.
Last edited:
Well I can get in via the main page by doing the direct url so: https://www.amibay.com/index.php but Norton is still doing the pop-up about that mal-attack.
High risk messages usually raises my neckhair
High risk messages usually raises my neckhair
'twas the same for me yesterday (and today) - Win 7, Firefox 12, AVG Internet Security 2012
It's all the p0rn you guys visit
---------- Post added at 07:58 ---------- Previous post was at 07:57 ----------
Just realised, I don't have Java installed, so that might be why I've had no issues.
---------- Post added at 08:22 ---------- Previous post was at 07:58 ----------
LOL, just visited the front page and got this
Problem accessing www.amibay.com
Problem accessing www.amibay.com
As of this morning I haven't been able to access Amibay via https://www.amibay.com
Firefox, IE and Opera return:
Unable to add cookies, header already sent.
File: /homepages/1/d277227762/htdocs/amibay/forum/index.php(1) : eval()'d code
Line: 7
(Opera worked ok for a little bit but then began returning this message too).
Using existing in-Amibay history links it's possible to get an Amibay page displayed and log-in (which is how I did it now).
Problem accessing www.amibay.com
As of this morning I haven't been able to access Amibay via https://www.amibay.com
Firefox, IE and Opera return:
Unable to add cookies, header already sent.
File: /homepages/1/d277227762/htdocs/amibay/forum/index.php(1) : eval()'d code
Line: 7
(Opera worked ok for a little bit but then began returning this message too).
Using existing in-Amibay history links it's possible to get an Amibay page displayed and log-in (which is how I did it now).