Jump to content


New nasty sites

  • Please log in to reply
1 reply to this topic

#1 Freebird


    Advanced Member

  • Full Member
  • PipPipPip
  • 196 posts

Posted 08 July 2004 - 10:57 AM

I recieved two mail post reply notifications from another site that I frequent. Both mails contained links to compromised sites. The first site 'b0x.com' tried to install an .XPI file, I did not go to the other one. I notified the forum host about the problem and this is what he wrote back regarding the sites below:

"Found some 40+ messages on three Forums posted yesterday and early today. Nasty, but clever low-level hacker. Multiple IP addresses, email addresses, screennames, and domain names (dictionary-derived). For your use, here are the domain names he/she used, with various subdomains:


I've removed all the messages (which were replies) and, reluctantly, the messages they referred to. Removed the latter because hackers often program future attacks as automated replies to the same set of original posts."

I don't use a Hosts file, so I don't know if these sites are or are not included in peoples most recent Hosts file.

If this is old news, please disregard this post.

We know the speed of light......but, whats the speed of dark? Steven Wright - Scientist and Comedian

#2 VashonDude


    Forum Deity

  • Trusted Advisor
  • PipPipPipPipPip
  • 1,255 posts

Posted 08 July 2004 - 01:44 PM

None of them are in the latest version of MVPS Hosts. When I looked in IE-Spyad, I got the following (IE-Spyad entry on right side of arrow):

topcities.com -> topcities.com\betsonline

narod.ru -> narod.ru\karleyt

-- LB
Want to help in the fight against malware? Join the SWI boot camp.

Member of UNITE
Support SpywareInfo Forum - click the button