Go Back   hwbot.org > Offtopic > Offtopic

Offtopic Anything goes.

Reply
 
Thread Tools
  #1  
Old 07-22-2013, 07:04
Massman's Avatar
Massman Massman is offline
Abhorrently evil braindead kind-hearted money-driven child-hating short-sighted hardware-sharing cheating
macho nacho supreme discriminating clueless idiot boy genius with sense of humor
 
Join Date: Jul 2006
Location: Waregem, Belgium
Posts: 18,247
Send a message via MSN to Massman
Default Dynamoo's Blog: msi.com hacked with kristians1.net

Yeah ... this is going to be a massive PR problem, I think. Two questions:

1) Will MSI issue a press release to acknowledge the issue and inform the public when it's solved?
2) How did the virus get there?

Quote:
The website of msi.com (a major computer manufacturer) has been hacked and is serving up malware, despite MSI being informed of the problem. Injected code pointing to the domain kristians1.net (83.143.81.2, ServeTheWorld AS Norway) has been injected into the site and is serving up an exploit kit (report here).

This is not the only time msi.com has been hacked. Most significantly, they recently had 50,000 accounts leaked and their site defaced. Zone H also reports several recent defacements and Google reports that part of the site has been listed as containing malware 4 times over the past 90 days.

What is the current listing status for msi.com?

This site is not currently listed as suspicious.
Part of this site was listed for suspicious activity 4 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 2470 pages we tested on the site over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-07-15, and the last time suspicious content was found on this site was on 2013-06-16.Malicious software includes 23 exploit(s), 2 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.
Malicious software is hosted on 5 domain(s), including abdelmonem.net/, oportunidadesdesdesucasa.com/, jobsreal.biz/.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including for-test-only.ru/.
This site was hosted on 10 network(s) including AS12859 (NL), AS26228 (SERVEPATH), AS8220 (COLT).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, msi.com appeared to function as an intermediary for the infection of 1 site(s) including 2k11.co.za/.
http://blog.dynamoo.com/2013/07/msic...tians1net.html
__________________
Where courage, motivation and ignorance meet, a persistent idiot awakens.
Reply With Quote
  #2  
Old 07-22-2013, 08:40
Vivi Vivi is offline
transformer
 
Join Date: May 2008
Location: SOUTH AFRICA
Posts: 898
Default

hey 2k11.co.za is a local site here lol. totally junk ripoff site tho, i never use it, seems fake looking
__________________
Quote:
Originally Posted by SoF View Post
if I am not able to run sub 6.3s at 6.8ghz, I am not worthy to even screen it!


Reply With Quote
  #3  
Old 07-22-2013, 09:15
Sam OCX Sam OCX is offline
.
 
Join Date: Dec 2006
Posts: 2,022
Send a message via ICQ to Sam OCX Send a message via MSN to Sam OCX Send a message via Skype™ to Sam OCX
Default

could the hackers be responsible for weird MOA rules?
Reply With Quote
  #4  
Old 07-22-2013, 12:30
knopflerbruce knopflerbruce is offline
1guy4000cups
 
Join Date: Mar 2007
Location: Oslo, Norway
Posts: 4,368
Default

I have nothing to do with this. I swear
__________________

Quote:
Originally Posted by sno.lcn
I was just searching for some good dick cloning software, guess I was doing it wrong, got all kinds of results I wasn't expecting
Reply With Quote
  #5  
Old 07-22-2013, 14:22
sin0822 sin0822 is offline
Banned by Leeghoofd
 
Join Date: Oct 2011
Location: ASIA
Posts: 951
Default

some dudes hacked my site, but I know who they are now.
__________________
Reply With Quote
  #6  
Old 07-22-2013, 16:00
CL3P20's Avatar
CL3P20 CL3P20 is offline
grunt bot
 
Join Date: Sep 2007
Location: NCAL
Posts: 114
Send a message via Skype™ to CL3P20
Default

Quote:
Originally Posted by sin0822 View Post
some dudes hacked my site, but I know who they are now.
Did you have to follow the cookie crumbs?
__________________
Honeycomb Hero
Reply With Quote
  #7  
Old 07-22-2013, 17:16
M.Beier's Avatar
M.Beier M.Beier is offline
-deleted-
 
Join Date: Apr 2006
Location: Denmark
Posts: 736
Default

So basicly MSI users are in risk when wanting to update their drivers, that really sucks...
Could you, Massman, find compare info with ASUS, ASRock, Gigabyte and others, to see if its a common thing, or just MSI having issues?

Quote:
Originally Posted by sin0822 View Post
some dudes hacked my site, but I know who they are now.
LOL, good stuff Im not being accused of this one hah
__________________
Quote:
Originally Posted by El Gappo View Post
Went down quicker than Sin on a Gigabyte rep
Quote:
Originally Posted by Massman
I'm willing to try everything
Reply With Quote
  #8  
Old 07-22-2013, 17:52
sin0822 sin0822 is offline
Banned by Leeghoofd
 
Join Date: Oct 2011
Location: ASIA
Posts: 951
Default

Quote:
Originally Posted by CL3P20 View Post
Did you have to follow the cookie crumbs?
I had a friend do it. I don't like software.
__________________
Reply With Quote
  #9  
Old 07-29-2013, 09:17
Dreadlockyx Dreadlockyx is offline
robo cop
 
Join Date: Sep 2009
Location: 127.0.0.1
Posts: 450
Default

Seems like a JavaScript injection. I personally don't know how to do it, but I think you've got to change the source code of a page for the code to be executed.
__________________
Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 20:30.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright COLARDYN IT GCV 2004 - 2013