HuntingNut
HuntingNut
   Login or Register
HomeCommunity ForumsPhoto AlbumsRegister
     
 

User Info

Welcome Anonymous


Membership:
Latest: HackerAce
New Today: 0
New Yesterday: 0
Overall: 12440

People Online:
Members: 0
Visitors: 115
BOT: 5
Total: 120
Who Is Where:
 Visitors:
01: Forums
02: Forums
03: Forums
04: Forums
05: Forums
06: Photo Albums
07: Forums
08: Forums
09: Forums
10: Forums
11: Home
12: Photo Albums
13: Forums
14: Forums
15: Forums
16: Forums
17: Forums
18: Photo Albums
19: Forums
20: Photo Albums
21: Forums
22: Forums
23: Forums
24: Photo Albums
25: News
26: Photo Albums
27: Forums
28: Forums
29: Forums
30: Forums
31: Forums
32: Forums
33: Photo Albums
34: Photo Albums
35: Forums
36: Forums
37: Forums
38: Forums
39: Forums
40: Your Account
41: Forums
42: Photo Albums
43: Your Account
44: Photo Albums
45: Photo Albums
46: Forums
47: Photo Albums
48: Forums
49: Forums
50: Forums
51: Home
52: Forums
53: Forums
54: Forums
55: Home
56: Forums
57: Forums
58: Forums
59: Forums
60: Your Account
61: Photo Albums
62: Forums
63: Forums
64: Forums
65: Forums
66: Forums
67: Forums
68: Forums
69: Forums
70: Forums
71: Photo Albums
72: Forums
73: Home
74: Forums
75: Forums
76: Forums
77: Forums
78: Forums
79: Forums
80: Forums
81: Forums
82: Forums
83: Forums
84: Photo Albums
85: Forums
86: Forums
87: Forums
88: Photo Albums
89: Photo Albums
90: Forums
91: Forums
92: Home
93: Forums
94: Forums
95: Forums
96: Forums
97: Photo Albums
98: Photo Albums
99: Forums
100: Forums
101: Forums
102: Forums
103: Forums
104: Photo Albums
105: Forums
106: Forums
107: Forums
108: Forums
109: Forums
110: Photo Albums
111: Forums
112: Forums
113: Forums
114: Forums
115: Home
  BOT:
01: Forums
02: Your Account
03: Forums
04: News
05: Forums

Staff Online:

No staff members are online!
 

Coppermine Stats
Photo Albums
 Albums: 301
 Pictures: 2358
  · Views: 284639
  · Votes: 1297
  · Comments: 86
 

Support our Advertisers

Virus
Important Announcements regarding the website, hunting related announcements etc etc.
Go to page 1, 2  Next
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!

View previous topic :: View next topic  
Author Message
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3120
Location: Utah

PostPosted: Tue May 28, 2013 9:23 pm    Post subject: Virus Reply with quote

I am getting reports from users about a virus when they attempt to access HuntingNut. I am talking to my webhost to see if this is valid, or it its a false positive.

Details to follow as I learn more.


-DallanC


Last edited by DallanC on Tue Dec 03, 2013 5:30 pm; edited 1 time in total
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3120
Location: Utah

PostPosted: Tue May 28, 2013 9:48 pm    Post subject: Re: Virus Reply with quote

From my host:

Quote::
Hi,

I am sorry, but it look like a cached or false positive alarm on AVG. I have performed a full scan on your account and the result is just positive;

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
scan completed on /home/hunting/public_html: files 27482, malware hits 0, cleaned hits 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Also, checked the domain with other antivirus site like McAfee, Norton etc and those results showing there is no infections on your account.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
huntingnut.com

We tested this site and didn't find any significant problems.
Are you the owner of this site? Leave a comment
Contact information: Country Popularity

United States

Some users
Automated Web Safety Testing Results for huntingnut.com
E-MAIL TESTS FOR HUNTINGNUT.COM:
DOWNLOAD TESTS FOR HUNTINGNUT.COM:
Downloads we found on this site:
Download Analysis
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
6 total downloads. See more.
6 green downloads
In our tests, we found downloads on this site were free of adware, spyware, and other potentially unwanted programs.
View detailed analysis
Submit a download for analysis
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Thank you.
Regards,
--
Alex Spaford
Level 2 System Administrator
TotalChoiceHosting INC.


Still digging, into this!


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3120
Location: Utah

PostPosted: Wed May 29, 2013 11:20 am    Post subject: Re: Virus Reply with quote

Ok I was able to track down the infection, it does indeed seem we got accessed somehow. I will continue to investigate how this happened, meanwhile the site appears "clean".

If anyone happens to notice any pages that trigger wierd behavior let me know. Apologies for the inconvience!


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2955
Location: Maryland

PostPosted: Wed May 29, 2013 1:36 pm    Post subject: Re: Virus Reply with quote

Cool Very Happy Thanks for your efforts Dallan...

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Dawgdad
Super Member
Super Member


Joined: Feb 08, 2006
Posts: 1033
Location: On the Prairie

PostPosted: Wed May 29, 2013 1:56 pm    Post subject: Re: Virus Reply with quote

I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

_________________
Alcohol, Tobacco and Firearms should be a convenience store, not a government agency...
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3120
Location: Utah

PostPosted: Wed May 29, 2013 1:57 pm    Post subject: Re: Virus Reply with quote

Dawgdad wrote:
I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

Email me the link you used, I will look into it.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3120
Location: Utah

PostPosted: Wed May 29, 2013 2:00 pm    Post subject: Re: Virus Reply with quote

shrpshtrjoe wrote:
Cool Very Happy Thanks for your efforts Dallan...

Heh no problem. I had a site wide backup made on the 13th of this month, so I made a new backup with the virus, then ran some software I have that does file comparisons to show what changed from one version to the next. It quickly showed the 70'ish files that got modified. I manually restored them all and it seems fine.

As annoying as it is, it seems we are "big enough" that hackers feel we are worth the effort to access.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3120
Location: Utah

PostPosted: Wed May 29, 2013 2:02 pm    Post subject: Re: Virus Reply with quote

PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2955
Location: Maryland

PostPosted: Wed May 29, 2013 2:27 pm    Post subject: Re: Virus Reply with quote

DallanC wrote:
PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC

That's what I have . No problems logging in now Very Happy .. My Norton antivirus wouldn't even let me log in earlier I guess it works Smile

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Ominivision1
Super Member
Super Member


Joined: Sep 20, 2010
Posts: 2985
Location: Iowa

PostPosted: Wed May 29, 2013 2:54 pm    Post subject: Re: Virus Reply with quote

One other thing to watch for is rogue certificates being installed on your web browser(s). If you get redirected to another website, shut down the browser and lock the firewall and open up FF or whatever you use) and go to advance settings (encryption, view certificates) and I found found a rogue sever security certificate installed who knows when (date).

_________________
Regards

Limitations are but boundaries created inside our minds.
Back to top
View user's profile Photo Gallery
gelandangan
Super Member
Super Member


Joined: May 07, 2006
Posts: 5702
Location: Sydney Australia

PostPosted: Wed May 29, 2013 3:10 pm    Post subject: Re: Virus Reply with quote

Good on you Dallan!
Thanks for the hard work, I am glad we are back.

_________________
A straight line is the shortest distance between two points.
A smile is the shortest distance between two people.

The government I trust .. is my .45-70 Government.

Do - Not try!


gelandangan.weebly.com/
Back to top
View user's profile Visit poster's website
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 4385
Location: NC foothills

PostPosted: Wed May 29, 2013 4:19 pm    Post subject: Re: Virus Reply with quote

Yep, I was going through HuntingNut withdrawal! Norton blocked it at home and whatever they use at work did the same.

_________________
Mike

"I ain't no better than anyone else, and there ain't no one better than me!" Ma Kettle

Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 4385
Location: NC foothills

PostPosted: Wed May 29, 2013 10:58 pm    Post subject: Re: Virus Reply with quote

Hmmm, when I went to the photos here to put some in a post I got that same warning from Norton that I was getting on Tuesday. Here is some of the Norton information.

Category: Intrusion Prevention
An intrusion attempt by www.huntingnut.com was blocked.
Web Attack: Mass Injection Website 5, ,"www.huntingnut.com (208.76.80.141,80) ",www.huntingnut.com/modules/coppermine/scripts.js," Network traffic from www.huntingnut.com/mod...scripts.js matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE.

_________________
Mike

"I ain't no better than anyone else, and there ain't no one better than me!" Ma Kettle

Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Vince
Super Member
Super Member


Joined: May 25, 2005
Posts: 13021
Location: Brisbane AUSTRALIA

PostPosted: Wed May 29, 2013 11:36 pm    Post subject: Re: Virus Reply with quote

Well done Dallan. Once again your hard work saves our hunting community from a withdrawal meltdown and subsequent depression, anxiety and other psychological maladies mate.

I bow to your superior knowledge and abilities. Bow Bow

_________________
Cheers, Vince Cheers

Illegitimi non carborundum
(Never let the bastards grind you down)

Live simply. Love generously. Care deeply. Speak kindly. Leave the rest to God.

"Nulla Si Fa Senza Volonta."
(Without Commitment, Nothing Gets Done)
Back to top
View user's profile AIM Address MSN Messenger Yahoo Messenger Photo Gallery
Elvis
Super Member
Super Member


Joined: Jul 27, 2008
Posts: 6931
Location: south island New Zealand

PostPosted: Thu May 30, 2013 12:26 am    Post subject: Re: Virus Reply with quote

good on you DallanC
YOU THE MAN

_________________
You shot it You pluck it !
Them who eats the most duck eats the most feathers!
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!
Page 1 of 2
All times are GMT - 7 Hours
Go to page 1, 2  Next



Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Advertisements
 


Valid CSS! Valid HTML 4.01!
Click to check if this page is realy HTML 4.01 compliant for speed :)

All logos and trademarks in this site are property of HuntingNut.com.
The comments are property of their posters, all the rest © 2011 by HuntingNut.com
Interactive software released under GNU GPL, Code Credits, Privacy Policy

.: Upgraded to DragonFly 9.2 by Dizfunkshunal :.