FYI - SailNet Hacked

[SaltyMonkey]

Probably some SQL injection tricks

[Ex-Calif]

Quote:

Originally Posted by Andy R

I feel bad for them. We have been through hacks and it's a very difficult situation to resolve. Hopefully they will turn off their site ASAP and work through the issues so no unnecessary computers are infected and be back up and running soon.

Love your new Avatar Andy.

Is that your boat or a dream?

[marc2012]

They are sooooo slow probably should be back around 2012.marc

[BlueSeas]

Have a site that had PayPal spamming pages added to it. My host shut me down immediately until I confirmed I found the vulnerability in my php driven site (and rightfully so) and deleted the unauthorized pages.

It is a pain, but there are sooo many thieves and general bad folks out there trying to take advantage of holes in website infrastructure that constant updating is necessary. A good host will recognize the difference between a hacked site and a malicious site and make an effort to help.

Kudo's to CF for good security!

[Stillraining]

Some disgrunteled Multi huller no doubt...



Just kidding!

[Zednotzee]

Quote:

Originally Posted by Yachts66

Where's DOS when you need it?

It's on my P133 with 24MB RAM & an AWE32 on an ISA slot, running Master of Orion!

[wannago]

Well, some's these hackers apparently find large numbers of distributed computers under their control useful, for various reasons, even if there's nothing particularly interesting on that computer itself, it's useful to stage things in order to hide there origin. Making your computer useful to them, no matter how useless it is to you.

One way for them to get at a bunch of computers is to write up there code (i.e. the trojan, or whatever you want to call it) and trick a bunch of people into downloading and installing it. And commonly, with little sophistication, they'll just put a link somewhere that a lot of people will see and try and convince them to click the link and follow some instructions to install the trojan.

And, creating there own site would require them to come up with something interesting enough to get people wanting to look at it (one reason many of these "attacks" where first found on sites with porn), but more and more, that's just hard (after all, there's so much free porn out there I don't think anyone clicks on free porn links anymore).

So, join a popular message board forum and start posting your links there. Some of these boards will let you post images, HTML, Javascript embedded in HTML, word docs, word docs with macros, PDF files, PDF files with the PDF exploint of the month, or last month, I think you get the idea.

There's a range of other possibilities, but this seems the obvious one to me. From a hackers point of view, often the technical approach to these attacks is really not that complicated and it ends up being just a lot of work, at least, from the standpoint that I see it.

And I did see the google warning, and while they changed the links to prevent you from CLICKING through to that site I could still type the site in, or copy / paste off the warning google gave. I then got another warning, but I'm not sure if that was from firefox, the google toolbar, or the Antivirus software. But I got all kinds of warnings and decided to ignore them and go look at the site anyways.

If anyone wants to carry on about google somehow being "big brother" of interfering with your freedoms, I'm really gonna have to wonder why you can't copy / paste into the URL bar and start laughing... Unfortunately the people who often need to be saved from themselves are often the least appreciative of the help.