geekhack

geekhack Community => Off Topic => Topic started by: Mr. C on Wed, 29 February 2012, 16:09:46

Title: AVG says Geekhack infected!
Post by: Mr. C on Wed, 29 February 2012, 16:09:46

Sorry, I'm too new here to know the Geekhack admin's email. AVG is reported Geekhack.org is infected with Exploit Blackhole Exploit Kit. Bruce Schneiner's web page indicates that is a genuine exploit of PHP/MySQL websites.
Michael

Title: AVG says Geekhack infected!
Post by: Mr. C on Wed, 29 February 2012, 22:28:23

Looks fine now. I am really enjoying geekhack.org. Thanks for the community.

Title: AVG says Geekhack infected!
Post by: reaper on Wed, 29 February 2012, 22:48:24

Get used to it cuz it'll happen again and welcome to Geekhack! :wave:

Title: AVG says Geekhack infected!
Post by: Wildcard on Thu, 01 March 2012, 01:19:59

URLVoid & Virustotal came back with good results.

Avira                           - Clean site
BitDefender             - Clean site
CLEAN MX                   - Clean site
G-Data                   - Clean site
Google Safebrowsing   - Clean site
Malc0de Database   - Clean site
MalwareDomainList   - Clean site
Opera                           - Clean site
ParetoLogic             - Clean site
Phishtank                   - Clean site
SCUMWARE.org           - Clean site
SpyEyeTracker           - Clean site
TrendMicro                   - Clean site
URLQuery                   - Unrated site
VX Vault                   - Clean site
Websense ThreatSeeker- Clean site
Wepawet                   - Unrated site
Yandex Safebrowsing   - Clean site
ZeusTracker           - Clean site

Unless you see your browser redirecting you to other websites on GH, it's most likely a false positive.

Then again those Russians are sneaky!

Edit: looks like iMav did something to resolve the problems.... hmmmmm

Title: AVG says Geekhack infected!
Post by: Roguemaster8 on Thu, 01 March 2012, 02:14:52

I kept getting this pop up from Kaspersky.

[ATTACH=CONFIG]42282[/ATTACH]

Trojan Man!

Title: AVG says Geekhack infected!
Post by: FinancialWar on Thu, 01 March 2012, 06:45:50

got the same warning from Google.

Title: AVG says Geekhack infected!
Post by: BobbyUK on Thu, 01 March 2012, 06:47:57

Same here, keep getting the message "JS/iframe.BQ.trojan"

Title: AVG says Geekhack infected!
Post by: WhackCheese on Thu, 01 March 2012, 09:06:21

.

Title: AVG says Geekhack infected!
Post by: FinancialWar on Thu, 01 March 2012, 14:38:59

must be ripster's trolling posts that caused all of this.

Title: AVG says Geekhack infected!
Post by: Shogunner on Fri, 02 March 2012, 13:31:53

Bleh, I get security warnings on chrome too.

http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fgeekhack.org%2F&client=googlechrome&hl=en-US

Quote

Of the 471 pages we tested on the site over the past 90 days, 25 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-03-02, and the last time suspicious content was found on this site was on 2012-03-02.
Malicious software includes 16 trojan(s), 3 scripting exploit(s), 2 exploit(s). Successful infection resulted in an average of 17 new process(es) on the target machine.

Malicious software is hosted on 2 domain(s), including fraumpo.com/, h2x.ftp1.biz/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including goodshop.cc/.

This site was hosted on 1 network(s) including AS30691 (LLDC).