Special Ops Paintball: Malware! - Special Ops Paintball

Jump to content


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Malware! When using the member locator Rate Topic: -----

#1 User is offline   rkneeshaw 

  • Forum Newbie
  • Pip
  • Group: Members
  • Posts: 15
  • Joined: 30-April 09
  • Brigade Name:rkneeshaw

Posted 09 April 2010 - 10:41 AM

Go to Member Locator Home
Try to select a Country
Select USA from the pulldown box
Click Submit

Firefox presents me with a red security page. If I choose ignore, Malware attempts to install on my computer.

Tested from multiple machines, same problem. It looks like the servers might have been hacked?!
0

#2 User is offline   slinkyaroo 

  • Gravity takes over where brains leave off.
  • PipPipPipPipPipPipPip
  • Group: Administrators
  • Posts: 7,805
  • Joined: 08-February 06
  • Gender:Male
  • Location:Belleville, Ont Canada

Posted 09 April 2010 - 11:20 AM

Oh. Norton didn't like that. You are correct. Thanks for the report. I'll shoot off a couple of PM's.


.

Posted Image-Posted Image
Paintball Library (Manuals and Support) ---SpecOps feedback --- PBN feedback--- Paintball Chat RoomGeneral Forum Rules and Regs --- SIGNATURE GUIDELINES --- Warning Levels/Reductions
0

#3 User is offline   rkneeshaw 

  • Forum Newbie
  • Pip
  • Group: Members
  • Posts: 15
  • Joined: 30-April 09
  • Brigade Name:rkneeshaw

Posted 09 April 2010 - 01:13 PM

View Postslinkyaroo, on Apr 9 2010, 01:20 PM, said:

Oh. Norton didn't like that. You are correct. Thanks for the report. I'll shoot off a couple of PM's.


.


Cool, thanks. I figure they'll want to fix that ASAP.
0

#4 User is offline   Big Bone 

  • Special Ops Finisher
  • PipPipPipPipPip
  • Group: Members
  • Posts: 1,693
  • Joined: 13-January 06
  • Gender:Male
  • Location:Salt Lake City, Utah
  • Brigade Name:Big Bone

Posted 10 April 2010 - 09:30 AM

I Emailed Travis (the guy who created the brigade) and hopefully this will get resolved shortly.

Thank you for the heads up man.


BB
<!--fonto:Century Gothic--><span style="font-family:Century Gothic"><!--/fonto--><!--coloro:#003300--><span style="color:#003300"><!--/coloro--><!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo-->Micah Orvis - Special Ops Finishes<!--sizec--></span><!--/sizec--><!--colorc--></span><!--/colorc--><!--fontc--></span><!--/fontc-->

<img src="http://i41.photobucket.com/albums/e253/Micah_Orvis/OmniPatX7-1.jpg" border="0" class="linked-image" /><img src="http://forum.specialopspaintball.com/images/factoryemployee_badge.jpg" border="0" class="linked-image" /><a href="mailto:micah@specialopspaintball.com"><!--coloro:#003300--><span style="color:#003300"><!--/coloro-->micah@specialopspaintball.com<!--colorc--></span><!--/colorc--></a>
<!--coloro:#CC0000--><span style="color:#CC0000"><!--/coloro-->StarCraft 4 Life... as long as they keep updating it for Macs :)<!--colorc--></span><!--/colorc-->
0

#5 User is offline   skieaskhell 

  • Forum Newbie
  • Pip
  • Group: Members
  • Posts: 23
  • Joined: 17-March 10

Posted 12 April 2010 - 07:44 AM

View PostBig Bone, on Apr 10 2010, 10:30 AM, said:

I Emailed Travis (the guy who created the brigade) and hopefully this will get resolved shortly.

Thank you for the heads up man.


BB



Just an FYI, it's still ongoing. It looks like it is affecting other pages as well.
0

#6 User is offline   Nexus Rex 

  • Code Ninja
  • PipPipPipPipPip
  • Group: Members
  • Posts: 1,779
  • Joined: 21-September 06
  • Gender:Male
  • Location:Woods Cross, Utah
  • Brigade Name:Nexus Rex

Posted 12 April 2010 - 04:59 PM

I cannot duplicate the problem. I have made some changes and refreshed files. Please test again and give me feedback!
<!--coloro:#666666--><span style="color:#666666"><!--/coloro-->TRAVIS CABLE - IT/WEB DIRECTOR - SPECIAL OPS PAINTBALL<!--colorc--></span><!--/colorc-->
<img src="http://forum.specialopspaintball.com/images/factoryemployee_badge.jpg" border="0" class="linked-sig-image" /><a href="http://www.specialopspaintball.com/brigade/member_view.asp?id=1120" target="_blank"><img src="http://www.specialopspaintball.com/brigade/images/member_banner_01.gif" border="0" class="linked-sig-image" /></a>
<!--coloro:#666666--><span style="color:#666666"><!--/coloro--><a href="http://www.beperpetual.com/" target="_blank">Read My Blog</a><!--colorc--></span><!--/colorc-->
0

#7 User is offline   rkneeshaw 

  • Forum Newbie
  • Pip
  • Group: Members
  • Posts: 15
  • Joined: 30-April 09
  • Brigade Name:rkneeshaw

Posted 13 April 2010 - 06:13 AM

View PostNexus Rex, on Apr 12 2010, 06:59 PM, said:

I cannot duplicate the problem. I have made some changes and refreshed files. Please test again and give me feedback!


Works good now.

One thing I notice now is that when clicking submit it is sending the form data to what looks like the "specopsbrigade.com/<blahblah>" domain name, where before it was sending everyone to a raw IP address. It seems someone might have comprimised the site and refreshing the files must have overwritten their changes.

Also to note, I am using Firefox.

Thanks for your help on this.
0

#8 User is offline   slinkyaroo 

  • Gravity takes over where brains leave off.
  • PipPipPipPipPipPipPip
  • Group: Administrators
  • Posts: 7,805
  • Joined: 08-February 06
  • Gender:Male
  • Location:Belleville, Ont Canada

Posted 13 April 2010 - 06:43 AM

I didn't get any notices from Norton. Seems ok.


.

Posted Image-Posted Image
Paintball Library (Manuals and Support) ---SpecOps feedback --- PBN feedback--- Paintball Chat RoomGeneral Forum Rules and Regs --- SIGNATURE GUIDELINES --- Warning Levels/Reductions
0

#9 User is offline   Tommikka 

  • Tom
  • PipPipPipPip
  • Group: Members
  • Posts: 808
  • Joined: 28-May 07
  • Gender:Male
  • Location:Salisbury, UK
  • Brigade Name:tommikka

Posted 13 April 2010 - 11:44 AM

View Postrkneeshaw, on Apr 13 2010, 02:13 PM, said:

View PostNexus Rex, on Apr 12 2010, 06:59 PM, said:

I cannot duplicate the problem. I have made some changes and refreshed files. Please test again and give me feedback!


Works good now.

One thing I notice now is that when clicking submit it is sending the form data to what looks like the "specopsbrigade.com/<blahblah>" domain name, where before it was sending everyone to a raw IP address. It seems someone might have comprimised the site and refreshing the files must have overwritten their changes.

Also to note, I am using Firefox.

Thanks for your help on this.


All good for me as well.
The malware was sourced from a redirected IP address so restoring the site will have fixed that.

... I assume admin/ftp passwords etc have been reset.
Posted Image
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users