trojan on busse website

giodane · May 29, 2009

it's true , there is a trojan virus on the busse website....please clean it

infected312 · May 29, 2009

giodane said:
it's true , there is a trojan virus on the busse website....please clean it

geeeeze ... . maybe the file is embeded in the new pics Busse uploaded??

It seems this trojan is allowing unauthorized access to the host machine also..

I really hope it gets fixed soon..

foxyrick · May 29, 2009

Yes - it's a nasty little sod as well.

My AV and firewall picked up multiple exploit attempts and the exploit managed to start an downloaded executable and attempt to change system settings and access the internet. It's all ring fenced but - nasty stuff!

Heavy · May 29, 2009

Seems odd that it happens the day blade starts...and it seems odd that a new guy with the name "infected" signs up this very day to comment on it...

foxyrick · May 29, 2009

Hmmm...

AngryFish · May 29, 2009

Name Threat Action Information
http://www.swampratknifeworks.com/ JS/Iframe.C.gen trojan connection terminated - quarantined Threat was detected upon access to web by the application: C:\Program Files\Mozilla Firefox\firefox.exe.

Name Threat Action Information
http://www.bussecombat.com/ JS/Iframe.C.gen trojan connection terminated - quarantined Threat was detected upon access to web by the application: C:\Program Files\Mozilla Firefox\firefox.exe.

It looks like they genuinely do have some kind of trojan on their site. Be careful. My AV caught it but there is definitely something going on there.

ChasHOG · May 29, 2009

Since I'm running a Mac I had NO problem!

I'mGatMan! · May 29, 2009

This is getting ridiculous. Really. This is a LOT of trouble to go to just to mess with people.

on_the_edge · May 29, 2009

The fact is that this was likely done by a script kiddie, not a hacker with any level of true sophistication. They are a dime a dozen, and while generally ignorant, they are still arrogant. Hopefully Busse ITS folks can rectify the nuisance without too much trouble.

rbmcmjr · May 29, 2009

ChasHOG said:
Since I'm running a Mac I had NO problem!

Silicon Graphics O2

The script kiddies don't seem to target IRIX platforms.

MRpink · May 29, 2009

This happens every now and then. Is our private info (CC) safe if hackers can just do that?

RobStanley · May 30, 2009

Man I just got it! Cripes! NOD32 picked it up straight away. Bloody morons who write this stuff - get a bloody life!!! No wait, you probably don't have have one, so therefore, I suggest suicide, as you are not needed in the gene pool! :grumpy::grumpy::grumpy::grumpy:

foxyrick · May 30, 2009

Your CC stuff should be safe. Anything like that is handled by back end servers, if not a third party altogether. Brute forcing or exploiting one's way into a public facing web server is one thing - getting anywhere past that is far more difficult.

As to what the trojan does if it gets on your PC, that's a different matter. On mine, on a virtual test machine I let it loose on, part of it avoided my antivirus and managed to actually run, but this was picked up by the firewall when it attempted to connect to a machine over the 'net and I killed it manually. Just be careful that your AV hasn't missed that bit as well.

Funny thing is these morons who do it in such an obvious and therefore easily stopped manner usually do it for the attention and bragging rights. Well, they've done it while (a) most folks are at blade, (b) are saving up for the subsequent ganzas and (c) when the knife for sale has been out for ages. So, not much of an audience for them, except the few of us left around here to comment in this thread. Shame for the poor kiddies really.

As to Macs being safe, I still keep waiting to hear that they have been compromised from the start and have been the hackers' secret weapon in the war against PC's

Silicon Graphics? rbmcmjr you lucky thing you! I've always had a soft spot for their kit. Proper hardware with a real O/S.

GregS · May 30, 2009

Passive aggressive p*ssies do this kind of thing.

MustardMan · May 30, 2009

foxyrick said:
As to Macs being safe, I still keep waiting to hear that they have been compromised from the start and have been the hackers' secret weapon in the war against PC's

I am a huge mac fan - switched from Linux and UNIX machines years ago for the slick interface and great development environment in xcode. I have converted huge numbers of friends and family over to mac os x...

And it still makes me cringe when people say things like "I am safe because I use a mac".

There is a huge security hole in the OS X version of Java, which hasn't been patched yet and there ARE exploits for it out in the wild. People think that, just because Mac OS isn't as heavily targeted as Windows, it is way safer - it's not. They are both loaded with security holes.

There are a few features of mac os that make it a bit more secure than a typical windows machine, but it's certainly not as safe as people make it out to be. A quality firewall is still a very good idea on a mac.

on_the_edge · May 30, 2009

MustardMan said:
And it still makes me cringe when people say things like "I am safe because I use a mac".

Well bravado without knowledge can be foolish. But from what I've heard, all known Mac exploits (so far) still require that the hacker know the user pwd. of the hacked system in order for the exploit to actually work.

12Bravo · May 30, 2009

I had the same problem over on the swamprat website. My Trend blocked it. I did a scan and nothing, every thing else seems o.k.

Anyone have any other suggestions to make sure somethings not lingering around.

MORIMOTOM · May 30, 2009

Heavy said:
Seems odd that it happens the day blade starts...and it seems odd that a new guy with the name "infected" signs up this very day to comment on it...

not really.....

http://www.bladeforums.com/forums/showpost.php?p=6870045&postcount=84

anyone who still thinks uncle jarvis is just misunderstood may want to consider that he is biting the hand that feeds him.

maybe he started the virus, maybe not. i doubt the new user name and the virus are a coincidence.

Guyon · May 30, 2009

Jarvis is a twit. Last I heard, he wanted to make buddies and buy everyone at Blade a beer.
However, it seems he prefers spending his time reinventing himself as new ISPs and aggravating the mods here.

12Bravo said:
Anyone have any other suggestions to make sure somethings not lingering around.

Silkwood shower and a shot of penicillin?

rbmcmjr · May 30, 2009

foxyrick said:
Silicon Graphics? rbmcmjr you lucky thing you! I've always had a soft spot for their kit. Proper hardware with a real O/S.

They're fun boxes, that's for sure. I used an Octane at work and wanted to get something for around the house. I picked up an Indy from the Want Ads and was hooked. I have two of those little pizza boxes, an R10K Indigo II, and this R12K O2. It's far from leading edge at this time, but not so very long ago, the O2 was used in just about every TV station on the planet to superimpose graphics over video, particularly weather forecasts. 1 gigabyte of memory for texture mapping blows the doors off just about everything else out there.

trojan on busse website

giodane

infected312

foxyrick

British Pork

Heavy

foxyrick

British Pork

AngryFish

ChasHOG

I'mGatMan!

on_the_edge

rbmcmjr

MRpink

RobStanley

foxyrick

British Pork

GregS

MustardMan

on_the_edge

12Bravo

MORIMOTOM

Guyon

Biscuit Whisperer

rbmcmjr