Attempted computer attacks from this site

Started by Travis Retriever, May 01, 2010, 07:56:35 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 01, 2010, 07:56:35 PM
For some reason today, about 4/5 times when I try to access this forum via my bookmarks (which has ALWAYS worked before) I am redirected to this URL (DO NOT CLICK IT):
http://www1.protectsys28-pd.xorg.pl/?p=p52dcWpkbG6HjsbIo216h3de0KCfYWCdU9LXoKitioaLw8ydb5aYen5arK3NasiXk2Rea2JrmV2ZVqPajtfZ1m5oWKeih9eipqCecV6aoaXGaorcmpWkcVih1GqZYF6XZJGVm19oY2%2BL08ifb5ytqKhuZ2jYpNuUk5%2BUo6Wh2KaQpKaVk9LW2J5mm6TJxttnopypWqyndWqTZJadZmdmZGte2KCUbWGYZJWbmGhwYm%2BLxMZ2h4dfq6GYdXGaZQ%3D%3D

And I get an error message from my web browser saying it couldn't connect and a message from my anti-virus software telling me it just protected me from an attack.
I look at the details and it was actually targeted to my name.
I suspect this forum is having trouble with hackers and/or someone has a grudge against me...
Has anyone else had this problem?
"When the mob and the press and the whole world tell you to move, your job is to plant yourself like a tree beside the river of truth, and tell the whole world—'No. You move.'"
-Captain America, Amazing Spider-Man 537
May 01, 2010, 08:04:17 PM #1
Also, for those interested, here's what my anti-virus software said about the attacker:

Risk Name: "HTTP Misleading Application Page Request"
Attacking Computer: "www1.protectsys28.pd.xorg.pl (94.228.209.182, 80)"
Attacker URL: [already posted above; the really long one]
Destination Address: my computer (duh)
Source Address: "94.228.209.182 (94.228.209.182)"
Traffic Description: "TCP, www-http"

Just to let you all know.
"When the mob and the press and the whole world tell you to move, your job is to plant yourself like a tree beside the river of truth, and tell the whole world—'No. You move.'"
-Captain America, Amazing Spider-Man 537
May 01, 2010, 08:10:33 PM #2
Update, I only seem to get attacked when trying to access this site if I cleared my browser history beforehand.
"When the mob and the press and the whole world tell you to move, your job is to plant yourself like a tree beside the river of truth, and tell the whole world—'No. You move.'"
-Captain America, Amazing Spider-Man 537
May 01, 2010, 08:21:49 PM #3
Interesting, I'll have to try it.

In the meantime, make sure it's nothing on your end. Run Spybot (or equivalent software), and in case it's DNS poisoning try OpenDNS.
May 01, 2010, 08:23:11 PM #4
Yep, I got the same thing in both Chrome and Safari. Checking it out...
May 01, 2010, 09:41:33 PM #5
Okay, everything's refreshed from clean backups. Let me know if it happens again, or if any functionality is diminished.
May 01, 2010, 10:03:58 PM #6
Thank goodness!
Glad to know that's resolved. :)
"When the mob and the press and the whole world tell you to move, your job is to plant yourself like a tree beside the river of truth, and tell the whole world—'No. You move.'"
-Captain America, Amazing Spider-Man 537
May 01, 2010, 11:30:25 PM #7
Interesting.
So I was'nt the only one. Only I got a virus warning from AVG when trying to watch the Bogosity videos from the main homepage.

Oh and it's good to see you people still breathing and such things.
May 02, 2010, 01:14:47 AM #8
Quote from: Gumba Masta on May 01, 2010, 11:30:25 PM
Interesting.
So I was'nt the only one. Only I got a virus warning from AVG when trying to watch the Bogosity videos from the main homepage.

Same here. Glad to see it's fixed.
"Did you know that the hole's only natural enemy is the pile?"
"Dead Poets Society has destroyed a generation of educators."
  --The Simpsons, "Special Edna"
May 02, 2010, 08:34:35 AM #9
For the record, the attack happened on 5/1/2010 at just after 1:00am. Godaddy has been notified; I don't know what action (if any) they're going to take.
User actions
Print
Go Up Pages1