Go Back   hwbot.org > Offtopic > Offtopic

Offtopic Anything goes.

Reply
 
Thread Tools
  #1  
Old 07-22-2013, 07:04
Massman's Avatar
Massman Massman is offline
In the distance
 
Join Date: Jul 2006
Location: Waregem, Belgium
Posts: 19,214
Send a message via MSN to Massman
Default Dynamoo's Blog: msi.com hacked with kristians1.net

Yeah ... this is going to be a massive PR problem, I think. Two questions:

1) Will MSI issue a press release to acknowledge the issue and inform the public when it's solved?
2) How did the virus get there?

Quote:
The website of msi.com (a major computer manufacturer) has been hacked and is serving up malware, despite MSI being informed of the problem. Injected code pointing to the domain kristians1.net (83.143.81.2, ServeTheWorld AS Norway) has been injected into the site and is serving up an exploit kit (report here).

This is not the only time msi.com has been hacked. Most significantly, they recently had 50,000 accounts leaked and their site defaced. Zone H also reports several recent defacements and Google reports that part of the site has been listed as containing malware 4 times over the past 90 days.

What is the current listing status for msi.com?

This site is not currently listed as suspicious.
Part of this site was listed for suspicious activity 4 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 2470 pages we tested on the site over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-07-15, and the last time suspicious content was found on this site was on 2013-06-16.Malicious software includes 23 exploit(s), 2 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.
Malicious software is hosted on 5 domain(s), including abdelmonem.net/, oportunidadesdesdesucasa.com/, jobsreal.biz/.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including for-test-only.ru/.
This site was hosted on 10 network(s) including AS12859 (NL), AS26228 (SERVEPATH), AS8220 (COLT).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, msi.com appeared to function as an intermediary for the infection of 1 site(s) including 2k11.co.za/.
http://blog.dynamoo.com/2013/07/msic...tians1net.html
__________________
Where courage, motivation and ignorance meet, a persistent idiot awakens.
Reply With Quote
  #2  
Old 07-22-2013, 08:40
Vivi Vivi is offline
HWBOT Staff
 
Join Date: May 2008
Location: SOUTH AFRICA
Posts: 1,215
Default

hey 2k11.co.za is a local site here lol. totally junk ripoff site tho, i never use it, seems fake looking
__________________
Quote:
Originally Posted by SoF View Post
if I am not able to run sub 6.3s at 6.8ghz, I am not worthy to even screen it!


Reply With Quote
  #3  
Old 07-22-2013, 09:15
Sam OCX Sam OCX is online now
.
 
Join Date: Dec 2006
Posts: 2,224
Send a message via ICQ to Sam OCX Send a message via MSN to Sam OCX Send a message via Skype™ to Sam OCX
Default

could the hackers be responsible for weird MOA rules?
Reply With Quote
  #4  
Old 07-22-2013, 12:30
knopflerbruce knopflerbruce is offline
1guy4000cups
 
Join Date: Mar 2007
Location: Oslo, Norway
Posts: 4,475
Default

I have nothing to do with this. I swear
__________________

Quote:
Originally Posted by sno.lcn
I was just searching for some good dick cloning software, guess I was doing it wrong, got all kinds of results I wasn't expecting
Reply With Quote
  #5  
Old 07-22-2013, 14:22
sin0822 sin0822 is offline
Banned by Leeghoofd
 
Join Date: Oct 2011
Location: ASIA
Posts: 981
Default

some dudes hacked my site, but I know who they are now.
__________________
Reply With Quote
  #6  
Old 07-22-2013, 16:00
CL3P20's Avatar
CL3P20 CL3P20 is offline
grunt bot
 
Join Date: Sep 2007
Location: NCAL
Posts: 157
Send a message via Skype™ to CL3P20
Default

Quote:
Originally Posted by sin0822 View Post
some dudes hacked my site, but I know who they are now.
Did you have to follow the cookie crumbs?
__________________
Honeycomb Hero
Reply With Quote
  #7  
Old 07-22-2013, 17:16
M.Beier's Avatar
M.Beier M.Beier is offline
-deleted-
 
Join Date: Apr 2006
Location: Denmark
Posts: 765
Default

So basicly MSI users are in risk when wanting to update their drivers, that really sucks...
Could you, Massman, find compare info with ASUS, ASRock, Gigabyte and others, to see if its a common thing, or just MSI having issues?

Quote:
Originally Posted by sin0822 View Post
some dudes hacked my site, but I know who they are now.
LOL, good stuff Im not being accused of this one hah
__________________
Quote:
Originally Posted by El Gappo View Post
Went down quicker than Sin on a Gigabyte rep
Quote:
Originally Posted by Massman
I'm willing to try everything
Reply With Quote
  #8  
Old 07-22-2013, 17:52
sin0822 sin0822 is offline
Banned by Leeghoofd
 
Join Date: Oct 2011
Location: ASIA
Posts: 981
Default

Quote:
Originally Posted by CL3P20 View Post
Did you have to follow the cookie crumbs?
I had a friend do it. I don't like software.
__________________
Reply With Quote
  #9  
Old 07-29-2013, 09:17
Dreadlockyx Dreadlockyx is offline
robo cop
 
Join Date: Sep 2009
Location: 127.0.0.1
Posts: 468
Default

Seems like a JavaScript injection. I personally don't know how to do it, but I think you've got to change the source code of a page for the code to be executed.
__________________
Reply With Quote
  #10  
Old 09-30-2014, 17:49
simples simples is offline
kitchen robot
 
Join Date: Sep 2014
Location: South Africa
Posts: 1
Default

Dear All - Especially Mr VIVI!!! Please note that our website is being named here as a "total junk ripoff site" and "looking fake".

Please note that 2k11.co.za is a totally legitimate and registered online business and we do not take kindly to this kind of badmouthing of our business without reason.

2k11 Management
__________________
Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 15:33.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright COLARDYN IT GCV 2004 - 2013