SDS Posted May 13, 2006 Share Posted May 13, 2006 If our friend used an older known exploit, then those holes have been closed. I will forward the necessary lines of the log files to IPS to analyze and determine the nature of the exploit. I'm assuming this was an older exploit. I apologize for any trouble this may cause your machines. If we can get an identification of the nasties they tried to spread, we will post the steps necessary to check your machines and clean them. Link to comment Share on other sites More sharing options...
meazza Posted May 13, 2006 Share Posted May 13, 2006 I am using Win 2k server. I installed ad-aware and it seems to be fine. Link to comment Share on other sites More sharing options...
SDS Posted May 13, 2006 Author Share Posted May 13, 2006 Apparently, the Trojan was: Trojan.Byte Verify http://www.symantec.com/avcenter/venc/data...byteverify.html Link to comment Share on other sites More sharing options...
Chilly Posted May 13, 2006 Share Posted May 13, 2006 http://www.eset.sk/en/company/NOD32-users-...-Windows-system Link to comment Share on other sites More sharing options...
Pete Posted May 14, 2006 Share Posted May 14, 2006 расцелуйте моего ишака вы hackers commie Link to comment Share on other sites More sharing options...
mjjk73 Posted May 14, 2006 Share Posted May 14, 2006 so this where i got the trojans yesterday Link to comment Share on other sites More sharing options...
L.EvansHands Posted May 15, 2006 Share Posted May 15, 2006 how do i get rid of them Link to comment Share on other sites More sharing options...
jarthur31 Posted May 15, 2006 Share Posted May 15, 2006 how do i get rid of them 691275[/snapback] Wow. Read that Symantec link up above. Link to comment Share on other sites More sharing options...
SDS Posted May 15, 2006 Author Share Posted May 15, 2006 FWIW, there are a ton of IPB forums that have been hacked from ".ru" in the past week... Link to comment Share on other sites More sharing options...
udonkey Posted May 15, 2006 Share Posted May 15, 2006 Anyone not running anti-virus software can get a good for FREE at: http://free.grisoft.com/doc/1 Its what I use and recommend to those who are a bit thrifty Link to comment Share on other sites More sharing options...
stuckincincy Posted May 15, 2006 Share Posted May 15, 2006 Anyone not running anti-virus software can get a good for FREE at: http://free.grisoft.com/doc/1 Its what I use and recommend to those who are a bit thrifty 691457[/snapback] I've used Grisoft's free AVG product for some time. I recommend it, too. Also, Spybot and Ad-Aware SE. Link to comment Share on other sites More sharing options...
SDS Posted May 15, 2006 Author Share Posted May 15, 2006 Anyone not running anti-virus software can get a good for FREE at: http://free.grisoft.com/doc/1 Its what I use and recommend to those who are a bit thrifty 691457[/snapback] FWIW, the hack isn't necessarily trojan related. The dude could have just wiped the board clean if he wanted to. The security updates that were performed were done to prevent malicious changes/exploitation in code on the server. His preference was just to try and make people download a file or two, but other sites have been affected in different ways. Link to comment Share on other sites More sharing options...
Crap Throwing Monkey Posted May 15, 2006 Share Posted May 15, 2006 FWIW, the hack isn't necessarily trojan related. The dude could have just wiped the board clean if he wanted to. 691472[/snapback] But instead, he decided to be malicious and make us sit though our daily "SOMEONE PLEASE TELL ME MCGAHEE'S FORTY TIME!!!" thread...? Link to comment Share on other sites More sharing options...
SDS Posted May 15, 2006 Author Share Posted May 15, 2006 But instead, he decided to be malicious and make us sit though our daily "SOMEONE PLEASE TELL ME MCGAHEE'S FORTY TIME!!!" thread...? 691545[/snapback] Link to comment Share on other sites More sharing options...
Orton's Arm Posted May 16, 2006 Share Posted May 16, 2006 But instead, he decided to be malicious and make us sit though our daily "SOMEONE PLEASE TELL ME MCGAHEE'S FORTY TIME!!!" thread...? 691545[/snapback] C'mon Tom. I know you have McGahee's post-injury 40 time. You're holding out on us! Maybe another 20 or 30 threads on the subject will get you to open up. Link to comment Share on other sites More sharing options...
Recommended Posts