1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

WARNING - StorageReview - Don't go there !!!

Discussion in 'Security and Privacy' started by Christer, 2006/10/11.

  1. 2006/10/11
    Christer

    Christer Geek Member Staff Thread Starter

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    I was infected by a downloader when visiting StorageReview Forums. More info to come!

    Christer
     
    Christer,
    #1
  2. 2006/10/11
    Christer

    Christer Geek Member Staff Thread Starter

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    I'm a regular over there and it started earlier this week by a spam e-mail which appeared to come from the site administrator telling me that I was chosen for download of the StorageReview Toolbar. It seemed suspicious and I didn't go for it (and I wouldn't even if I wanted a toolbar). Discussions on StorageReview confirmed that it was spam, some kind of hi-jack.

    An hour ago, I went there and Java was launched. That has never happened before and I stopped the download (I thought). I did however get a Trojan Downloader and Norton AntiVirus squealed like a pig while I tried to find out the origin among the addresses that popped up. An IP address 81.95.153.241 and the two screenshots below was what I managed before putting the Ghost 2003 Boot Disks to work.

    http://img.photobucket.com/albums/v98/Engdahl/ScreenShots/SR-screenshot-1.jpg
    The address may be interesting for those who know anything (not me).

    http://img.photobucket.com/albums/v98/Engdahl/ScreenShots/SR-screenshot-2.jpg
    Image Viewer was launched repeatedly while Norton AntiVirus was at work.

    Right now ... :) ... I'm a happy Ghost user!

    Christer
     
    Christer,
    #2


  3. to hide this advert.

  4. 2006/10/11
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    I'm hoping you alerted the admin there so they can take the boards down to patch the forum software?

    At the very least, maybe they needed to send an email to the members.
     
    TeMerc,
    #3
  5. 2006/10/11
    Christer

    Christer Geek Member Staff Thread Starter

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    I didn't think of that ... :eek: ... I kind of went into Panic Mode. Even if I'm a Ghost user, I'm reluctant to go back to find an E-mail addy ... :eek: ... ! Maybe admin#storagereview.com is a good guess? (Substitute @ for #)

    Christer
     
    Christer,
    #4
  6. 2006/10/11
    Christer

    Christer Geek Member Staff Thread Starter

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    Sent a message to "admin#storagereview.com" and it didn't bounce.

    Christer
     
    Christer,
    #5
  7. 2006/10/11
    Whiskeyman Lifetime Subscription

    Whiskeyman Inactive Alumni

    Joined:
    2005/09/10
    Messages:
    1,772
    Likes Received:
    37
    I used Google cache for the email. webmaster at storagereview dot com. That would be the best place to send a message about site problems.
     
    Whiskeyman,
    #6
  8. 2006/10/11
    Christer

    Christer Geek Member Staff Thread Starter

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    Thanks Whiskeyman,
    I'll drop a message on that one too!

    Christer
     
    Christer,
    #7
  9. 2006/10/11
    Dennis L Lifetime Subscription

    Dennis L Inactive Alumni

    Joined:
    2002/06/07
    Messages:
    2,557
    Likes Received:
    2
    Are any of the wBBS Moderators running Linux or Mac system?
    [FONT= "Arial Black"]Possible[/FONT] you could go the the site without getting infected and notify the forum administrator... and also check their forum board to see if site admin has issued a notice / warning.
     
    Dennis L,
    #8
  10. 2006/10/11
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Good idea, my test box is currently buggered up with L2M, Qoologic and some other buggers, whats another? :p

    I'll get there tonite sometime, see what happens.
     
    TeMerc,
    #9
  11. 2006/10/11
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    LOL, spoken like a real malware expert:D
     
    Geri,
    #10
  12. 2006/10/12
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    Can't beat Virtual PC to test & bugger up, then return to 'clean' with just a click :D
     
    Arie,
    #11
  13. 2006/10/12
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Alot of the more nasty buggers however won't run in VM.
     
    TeMerc,
    #12
  14. 2006/10/12
    Christer

    Christer Geek Member Staff Thread Starter

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    I was notified by an E-mail from the SR webmaster that the SR Forum is back up, clean as a whistle!

    It seems like I was one of the first members to get hit and TeMercs call to contact the site administrators was a wise one. Thanks!

    Christer
     
    Christer,
    #13
  15. 2006/10/13
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    IC... so we should pass a law to have novice users run in VM then :D
     
    Arie,
    #14
  16. 2006/10/13
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Oughta be a good idea for some of them. And on a similar note, I read somepleace that Vista will not be allowing the freeware VMs to run or something to that effect. :confused:
     
    TeMerc,
    #15

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...