English Amiga Board


Go Back   English Amiga Board > Main > Amiga scene

 
 
Thread Tools
Old 12 May 2012, 00:34   #1
FOL
PSPUAE DEV

FOL's Avatar
 
Join Date: Nov 2006
Location: Barry / UK
Age: 39
Posts: 5,591
Send a message via MSN to FOL Send a message via Skype™ to FOL
Amibay Hacked?

It appears amibay has been hacked, anyone going there should scan for malware / viruses.

Web Attack: Malicious Website Accessed dsyoylhbg.usa.cc (146.185.255.235, 80),dsyoylhbg.usa.cc/d/404.php?go=1

Im guessing they have worked out by now its been hacked.
FOL is offline  
AdSense AdSense  
Old 12 May 2012, 01:07   #2
scrappysphinx
Registered User

scrappysphinx's Avatar
 
Join Date: Jan 2008
Location: Nottingham
Age: 32
Posts: 448
You can still access Amibay if you go directly to a thread or post and then click the new posts button but the main homepage has been attacked and contains some redirct or java exploit or something along those lines.

Click here to read the thread
scrappysphinx is offline  
Old 12 May 2012, 02:08   #3
rockape
Registered User
rockape's Avatar
 
Join Date: Feb 2010
Location: Lincolnshire, England.
Age: 69
Posts: 158
Exclamation "Amibay Hacked Beware ! "

Hi,

I tried logging into Amibay using an A1200 and got:

"Unable to add cookies, header already sent.
File: /homepages/1/d277227762/htdocs/amibay/forum/index.php(1) : eval()'d code
Line: 7"

Regards, Michael

aka rockape
rockape is offline  
Old 12 May 2012, 02:13   #4
jabsy
Yeah Hup!

jabsy's Avatar
 
Join Date: May 2006
Location: Australia
Age: 48
Posts: 340
I just checked and NOD32 popped up with:

12/05/2012 8:42:35 AM HTTP filter file http://ysavlxaw.usa.cc/main.php?page=c69bd02e93e6957c JS/Kryptik.NN trojan connection terminated - quarantined Threat was detected upon access to web by the application: C:\Program Files\Mozilla Firefox\firefox.exe.

Bastards.
jabsy is offline  
Old 12 May 2012, 02:33   #5
prowler
Global Moderator

prowler's Avatar
 
Join Date: Aug 2008
Location: Sidcup, England
Posts: 10,278
@rockape, jabsy:

There was already an EAB thread started on this subject. I have merged them.
prowler is offline  
Old 12 May 2012, 10:55   #6
I.Did
in retromode
 
Join Date: Feb 2012
Location: Scandinavia
Posts: 72
Quote:
Originally Posted by scrappysphinx View Post
You can still access Amibay if you go directly to a thread or post and then click the new posts button but the main homepage has been attacked and contains some redirct or java exploit or something along those lines.

Click here to read the thread
I'm not a member over at Amibay. What I get using your link is the reg. screen. Guess they are still working on it, the poor guys
I.Did is offline  
Old 12 May 2012, 14:16   #7
ElectroBlaster
Junior Member
ElectroBlaster's Avatar
 
Join Date: Mar 2002
Location: Exeter, Devon, UK
Age: 43
Posts: 1,441
Send a message via ICQ to ElectroBlaster
Brilliant! So thats where my little bug came from! ZoneAlarm came up with this:

Exploit.JS.Pdfka.fof

This happend late last night/early hours of the morning and mainly because I tend to leave the machine running with certain pages up and just forget about it if im busy.

Why would anyone hack Amibay??? disgruntled kid? somebody jealous?
ElectroBlaster is offline  
Old 12 May 2012, 15:50   #8
DDNI
Targ Explorer

DDNI's Avatar
 
Join Date: Mar 2006
Location: Northern Ireland
Age: 43
Posts: 5,090
Send a message via ICQ to DDNI Send a message via MSN to DDNI
Quote:
Originally Posted by ElectroBlaster View Post
Brilliant! So thats where my little bug came from! ZoneAlarm came up with this:

Exploit.JS.Pdfka.fof

This happend late last night/early hours of the morning and mainly because I tend to leave the machine running with certain pages up and just forget about it if im busy.

Why would anyone hack Amibay??? disgruntled kid? somebody jealous?
Hmmm top three suspects.

Bill McEwan
Hans (doomy)
Some moobunny moron

Outside guess CUSA
DDNI is offline  
Old 12 May 2012, 16:46   #9
Leffmann

 
Join Date: Jul 2008
Location: Sweden
Posts: 2,025
It's a widespread attack all over the Internet, Amibay hasn't been specifically targetted.
Leffmann is offline  
Old 12 May 2012, 16:46   #10
desiv
Registered User
 
Join Date: Oct 2009
Location: Salem, OR
Posts: 1,173
Quote:
Originally Posted by ElectroBlaster View Post
Why would anyone hack Amibay??? disgruntled kid? somebody jealous?
Apparently it's not just Amibay and it's not just Amiga sites...

Life on the Internet....

desiv
(Actually, life on the Internet is generally very kual; this just happens..)
desiv is offline  
Old 12 May 2012, 18:34   #11
discomeats
Just add brown sauce.
discomeats's Avatar
 
Join Date: May 2008
Location: North East Englandland
Posts: 170
Quote:
Originally Posted by DDNI View Post
Hmmm top three suspects.

Bill McEwan
Hans (doomy)
Some moobunny moron

Outside guess CUSA
But surely Doomy would use a non detectable milspec attack using nasa gear
discomeats is offline  
Old 12 May 2012, 19:43   #12
1time
Amiga Lover

1time's Avatar
 
Join Date: Jan 2010
Location: Stockholm / Sweden
Age: 40
Posts: 565
http://www.classicamiga.com/ is down.

Getting
Exploit:Java/CVE-2012-0507.BB
Exploit:JS/BLACOLE.DG
1time is offline  
Old 12 May 2012, 19:46   #13
spannernick
Retro Nuts

spannernick's Avatar
 
Join Date: Aug 2004
Location: London/UK
Age: 46
Posts: 1,074
If you have tapatalk on you phone you can access the site fine ..
spannernick is offline  
Old 12 May 2012, 20:27   #14
AmiNeo
 
Posts: n/a
AMIBAY down?

Sorry to post this here guys but since many of Amibays members are present here I have only this site as a means of contacting people.


It appears that Amibay has disappeared from the interwebs


www.amibay.com


Anyone know what's up? It has been down since this morning and now appears to have disappeared altogether.

Last edited by AmiNeo; 12 May 2012 at 20:33.
 
Old 12 May 2012, 20:40   #15
lilalurl
T32
lilalurl's Avatar
 
Join Date: Aug 2001
Location: France
Age: 38
Posts: 2,832
Send a message via ICQ to lilalurl
Hacked it seems:
http://eab.abime.net/showthread.php?t=64277
lilalurl is online now  
Old 12 May 2012, 20:46   #16
johnim
Amibay Mod/Staff

johnim's Avatar
 
Join Date: Jun 2010
Location: birmingham uk
Age: 42
Posts: 1,024
not down just use a link from thead
http://www.amibay.com/showthread.php?t=29442

not the main page
johnim is offline  
Old 12 May 2012, 20:46   #17
fitzsteve
Professional slacker!
fitzsteve's Avatar
 
Join Date: Jul 2009
Location: Kent, UK
Age: 38
Posts: 6,342
Send a message via MSN to fitzsteve
Don't click on the link in post 1 as the index page is forwarding to a virus ridden link, you can still access Amibay via all other url's, just the index page is affected by this hack.

This link will give you new posts:

http://www.amibay.com/search.php?searchid=2178832

Steve.
fitzsteve is offline  
Old 12 May 2012, 20:49   #18
keitha1200
Registered User
 
Join Date: Feb 2012
Location: Tayside
Posts: 181
Noticed that lastnight Gee I can think of hundreds of other sites which deserved to be hacked! but amibay!!!

Suspects:

Crayons USA lack the technical knowledge!
Bill's too busy cutting out coupons from the newspaper
The others??? watching the Disney channel?

Last edited by keitha1200; 12 May 2012 at 20:59. Reason: didn't realise it was a www attack
keitha1200 is offline  
Old 12 May 2012, 20:50   #19
johnim
Amibay Mod/Staff

johnim's Avatar
 
Join Date: Jun 2010
Location: birmingham uk
Age: 42
Posts: 1,024
Sadly a lot of sites have been targeted over the last few days - those that are running VB forum / Joomla and other CMS systems

The attack was at a site root level and has modified some of the templates of the site (namely the index.html) and injects a small line of code that uses a Jscript redirect to the place you were sent.

Please be advised my friend that this site attempts to install MalWare onto ones Windows PC.

Please check your system, and ensure that your JavaScript settings are secure.
johnim is offline  
Old 12 May 2012, 21:10   #20
Jimbo
Registered User
Jimbo's Avatar
 
Join Date: Jul 2006
Location: Colchester Essex
Age: 38
Posts: 822
Quote:
Originally Posted by johnim View Post
Sadly a lot of sites have been targeted over the last few days - those that are running VB forum / Joomla and other CMS systems

The attack was at a site root level and has modified some of the templates of the site (namely the index.html) and injects a small line of code that uses a Jscript redirect to the place you were sent.

Please be advised my friend that this site attempts to install MalWare onto ones Windows PC.

Please check your system, and ensure that your JavaScript settings are secure.
Yeah my antivirus (microsoft security essentials) went mental and stuck stuff into quarantine from classicamiga and amibay websites when I tried to load said pages.
Jimbo is offline  
AdSense AdSense  
 


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
EAB hacked? No! oRBIT project.EAB 13 18 January 2012 23:47
DungeonMaster 2.0 (hacked for HD) with KS 3.1 Gaula92 support.Games 10 08 October 2011 17:13
BBOAH Hacked?!?! Fingerlickin_B Amiga scene 8 14 November 2008 19:25
Dream17 hacked squirminator2k Amiga scene 8 07 September 2008 11:22
Amiga.com hacked ! RCK Amiga scene 34 29 December 2002 02:01

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 20:20.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Page generated in 0.23360 seconds with 11 queries