29-04-2008, 17:23
|
#5086
|
Inactive
Join Date: Apr 2008
Posts: 831
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by Ravenheart
|
traffurl.ru seems quite a familiar domain on google with lots of queries and dodgy script compaints - just google "traffurl.ru" but don't panic! I wouldn't necessarily follow all the urls given on the various forums as they include hacker sites.
I'm using Norton AV, Sunbelt Counterspy 1.5, and Flashblock- no warnings from them - but as traffurl.ru is on my mvps HOSTS file, it isn't actually getting to do anything anyway as it resolves to 127.0.0.1.
also running FF and Adblock and NoScript.
Page Source shows me an obfuscated script right at the bottom of the page, underneath the </body> and </html> tags.
script>eval(unescape(etc. etc. </script> - that corresponds to what was showing on some of the google entries.
The WHOIS I got on traffurl.ru is
domain: TRAFFURL.RU
type: CORPORATE
nserver: ns2.googleset.info.
nserver: ns1.googleset.info.
state: REGISTERED, DELEGATED
person: Private Person
phone: +7 812 1234567
e-mail: rekvizitor@gmail.com
registrar: NAUNET-REG-RIPN
created: 2007.12.20
paid-till: 2008.12.20
source: TC-RIPN
Last updated on 2008.04.29 19:57:06 MSK/MSD
Looks like your site may have been got hacked.
|
|
|
29-04-2008, 17:36
|
#5087
|
Inactive
Join Date: Mar 2005
Age: 43
Services: Freeview, BT Ultrafast Fibre 2
Posts: 330
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Yes AVG here didn't like that site either. Co-inciedently, AVG also objects to me attempting to view page 339 of this topic thread. Which leaves me unable to read any posts on it currently
|
|
|
29-04-2008, 17:38
|
#5088
|
Inactive
Join Date: Jan 2006
Posts: 3,270
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
that thread implyed its downloading a codec, do we know what its calling itself and were its putting it ?
if thats the case and will a simple regsvr32.exe /u codec-name then delete the file if its auto installed itself work?
http://www.developersdex.com/asp/mes...2978&r=6157380
"
Re: Strange javascript in my index.html file.
From: The Magpie
Date Posted: 2/11/2008 5:40:00 PM
Randy Webb wrote:
>
> I agree that something got whacked somewhere. But, before you can
> even answer the question, you would have to know where the "file"
> is served from. It could be on a server that has free FTP - for a
> price - and is silently inserting it.
>
Agreed, you do.
>
> As for it being a site that you are "driving visitors" to, that is
> nonsense. The iframe is hidden - display: none. Doesn't make a lot
> of sense to drive someone to your site if you hide the window it is
> going to be displayed in.
>
Correct - nothing to do with the site location.
>
> Bet you an internet beer it is a tracking site.
>
There, you lose.
Its a trojan disguised as a codec and drops quietly and happily into
your system through Media Player (unless you are one of the few
cautious types who set it to choose "Don't download codecs without
bloody asking me first!"). For the OP this means a couple of things.
1. Your PC is now infected and has been recruited into a botnet.
2. Your website is infecting other PCs every time one visits it.
3. Your PC is now being used by a - probably criminal - gang.
4. The hard one - you know about it, so you are responsible.
In essence, this means fix the website, or you could be sued. Clean
your PC, or you could be sued. Report the hacking to your hosting
provider, or you could be sued. Report it to your local or national
police, or - worst of all - you could be charged as an accessory to
the criminal activity probably now going on with your PC and with all
your website visitors. Yes, this is serious. You need to deal with it."
|
|
|
29-04-2008, 17:49
|
#5089
|
Permanently Banned
Join Date: Mar 2008
Posts: 1,028
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Jamie,
I hope you don't mind but I just asked the badphorm admins to suspend the thread temporarily so you can sort this out without people being at risk.
Alexander Hanff
|
|
|
29-04-2008, 18:11
|
#5090
|
Permanently Banned
Join Date: Apr 2008
Posts: 121
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Has this also caused problems @ badphorm ?
|
|
|
29-04-2008, 18:13
|
#5091
|
Permanently Banned
Join Date: Mar 2008
Posts: 1,028
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by Deko
Has this also caused problems @ badphorm ?
|
The same site is in a stickied thread over there.
Alexander Hanff
|
|
|
29-04-2008, 18:19
|
#5092
|
Permanently Banned
Join Date: Apr 2008
Posts: 121
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Ahhh its the link thats causing the warning, not the quoted code inserted into these pages
My brain is frazzled today like the 100A breaker which blew this morning and took out 6 Electraks on that phase :-(
|
|
|
29-04-2008, 18:48
|
#5093
|
Inactive
Join Date: Mar 2008
Location: Stazi Republic of Phormistan
Posts: 329
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Although not a Man City fan, and there's a tenous link to Phorm in this post, but I see that Thaksin Shinawatra is trying to rival BT,VM and Talk Talk for most stupid decision of the year by sacking Eriksson
|
|
|
29-04-2008, 18:52
|
#5094
|
Inactive
Join Date: Jan 2006
Posts: 3,270
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
lol
http://www.ispreview.co.uk/talk/show...threadid=26993
29-04-2008, 05:11 PM
Bob2002
!EXTREME Member!
Join Date: Oct 2003
Posts: 2,297
I've located the real thing - feel free to use it as you will
[img]Download Failed (1)[/img]
|
|
|
29-04-2008, 18:55
|
#5095
|
Inactive
Join Date: Mar 2008
Services: 0.4 Mbps BB + Phone
Posts: 447
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by OF1975
Although not a Man City fan, and there's a tenous link to Phorm in this post, but I see that Thaksin Shinawatra is trying to rival BT,VM and Talk Talk for most stupid decision of the year by sacking Eriksson
|
Perhaps poor decision making is common amongst those facing being locked up.
----
Nice one popper!
|
|
|
29-04-2008, 18:58
|
#5096
|
Inactive
Join Date: Apr 2008
Posts: 19
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Just a thought. Can anyone explain the difference between BT, who has already tested over 100,000 customers and going to do further tests, and VM who reputedly haven't done any tests at all, (apart from - in their words - a small lab test).
It would appear to me, that these two different approaches can't be reconciled, particularly when VM tell that all 'Due Diligence' will be completed prior to roll-out.
Colin
|
|
|
29-04-2008, 19:03
|
#5097
|
Guest
Location: Sale, Cheshire
Services: 10MB Broadband, DTV, Telephone
Posts: n/a
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
It seems pretty clear that BT, VM and 'tother lot have agreed between them that BT will carry out (and, as we know, has already carried out) testing on behalf of all three.
|
|
|
29-04-2008, 19:08
|
#5098
|
Inactive
Join Date: Jan 2006
Posts: 3,270
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by CWH
Just a thought. Can anyone explain the difference between BT, who has already tested over 100,000 customers and going to do further tests, and VM who reputedly haven't done any tests at all, (apart from - in their words - a small lab test).
It would appear to me, that these two different approaches can't be reconciled, particularly when VM tell that all 'Due Diligence' will be completed prior to roll-out.
Colin
|
the most obvious one is that the BT executives and personel involved in the Unlawful RIPA interception in 2006/7 are under direct threat of a criminal conviction at some point in the future.
were as the other two firms are as yet until evidence emerges are not, currently.
"remember RIPA conviction for UK executives case law already exists.
the lost RIPA appeal of Stanford's
http://www.lawdit.co.uk/reading_room...20Stanford.htm
"
Stanford Loses Criminal Appeal
3 February 2006
Stanford Loses Criminal Appeal
....
The Regulation of Investigatory Powers Act 2000 provides a defence to an individual who intercept a communication in the course of its transmission from a private telecommunication system, if they can establish:
a) that they are entitled to control the operation of the system; or
b) they have the express or implied consent of such a person to make the interception.
Stanford relied on the position that he had gained access to the emails through a company employee. The employee apparently was given access to usernames and passwords on the email server.
Therefore, Stanford argued, he was entitled to access the emails as “a person with a right to control the operation or the use of the systemâ€Â.
Geoffrey Rivlin QC, the trial judge had a different view. He pointed out that
“right to controlâ€Â
did not mean that someone had a right to access or operate the system, but that the Act required that person to of had a right to authorise or to forbid the operation. [that mean YOU users as the owner of the data]
Stanford appealed the judge’s decision. However, the Court of Appeal upheld Rivlin’s view. It pointed out that the purpose of the law was to protect privacy. Therefore Stanford’s sentence of 6 months imprisonment (suspended for two years) and a fine of £20,000 with £7000 prosecution costs
were upheld.
Daniel Doherty"
|
|
|
29-04-2008, 19:11
|
#5099
|
Cable Forum Team
Join Date: Jun 2003
Posts: 15,098
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
I would like to remind all members that if you do not have consent from an individual(s), you should not be posting their e-mail addresses. CF has received complaints today from some individuals stating their details were posted without consent.
|
|
|
29-04-2008, 19:20
|
#5100
|
Inactive
Join Date: Apr 2008
Location: UK
Posts: 160
|
Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]
Quote:
Originally Posted by Mick
I would like to remind all members that if you do not have consent from an individual(s), you should not be posting their e-mail addresses. CF has received complaints today from some individuals stating their details were posted without consent.
|
That'd be K*nt at traffurl.ru then would it?
|
|
|
Currently Active Users Viewing This Thread: 8 (0 members and 8 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +1. The time now is 09:13.
|