!!!!! SITE_HACK_WARNING !!!!

Go To Last Post
15 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Be warned that on every page access here my popup blocker is saying it wanted to install "Remote Data Services Data Control". Do NOT allow this to happen or respond to any request to install a "plug-in" you may see from this site.

Cliff

[BTW PM sent to eivind about this]

Last Edited: Tue. Mar 24, 2009 - 09:52 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Yup, me too. My McAfee's having a heyday.

Thanks for the warning.

Chuck Baird

"I wish I were dumber so I could be more certain about my opinions. It looks fun." -- Scott Adams

http://www.cbaird.org

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

When will this EVER end!!!! :evil:

John Samperi

Ampertronics Pty. Ltd.

https://www.ampertronics.com.au

* Electronic Design * Custom Products * Contract Assembly

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

My firefox noscript asks to install a script from tozxiqud.cn , on the avrfreaks.net main page

/Bingo

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

My Safari (MacOS) browser says:

Quote:
The website you are visiting appears to contain malware. Malware is malicious software that may harm your computer or may otherwise operate without your consent. Your computer can be infected just by browsing the site with malware, without any further action on your part.

For detailed information about the problems found on this site, or a portion of this site, visit the Google Safe Browsing diagnostic page for tozxiqd.cn

By the way, the Google Safe Browsing produces no useful information.

Jim

 

Until Black Lives Matter, we do not have "All Lives Matter"!

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

My AVG warned me too about the same.....

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

When I visit the avrfreaks.net frontpage my ESET Smart Security pops up with this warning and then the browser crashes.
The browser also asked to install "Remote Data Services Data Control", but I never accpeted that but the website still installs a trojan unless your antivirus program doesn't block it like ESET does.

Attachment(s): 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

clawson wrote:
Be warned

you may see from this site.

Cliff

[BTW PM sent to eivind about this]

91.212.65.7 got this IP address from Blackice defender prob some chinese!!!

Time, Event, Intruder, Count
24-Mar-09 0:45:48 AM, PE_DotNet_Loader_Exec, 91.212.65.7, 1

Neotrace Pro says china

My Z.A stays silent

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi,

I found from the No-Script that this site has been infected by tozxiqud.cn

Use Firefox with No-Script to prevent infection.

AVR Rulez...;-)

Warm Regards,
Boseji
http://m8051.blogspot.com/

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

As this exploit now seems to have gone I'll let this thread break free...

Cliff

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

boseji wrote:
Hi,

I found from the No-Script that this site has been infected by tozxiqud.cn

Use Firefox with No-Script to prevent infection.

This tozxiqud.cn was indeed
the name blackice showed me, with the above given IP.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Microchip is behind this, they must destroy what they can not have.

We must retaliate by talking more sh*t about them in off topic.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Quote:
Microchip is behind this, they must destroy what they can not have.

We must retaliate by talking more sh*t about them in off topic.


Alan, do you have any idea how paranoid and bizarre this sounds?

Chuck Baird

"I wish I were dumber so I could be more certain about my opinions. It looks fun." -- Scott Adams

http://www.cbaird.org

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

toalan wrote:
Microchip is behind this, they must destroy what they can not have.

We must retaliate by talking more sh*t about them in off topic.

Yes indeed! Careful analysis of the scrip show that it infects AVR Studio and does the following....

Whenever the compiler is run, the script takes control and enters a NOP on every second line during compile in order to slow down the code. When compiling any LCD enabled AVR, the script adds a small routine that will display the text "HACKED BY PIC - Long Live the W Register!" on the LCD screen at random intervals.

We must fight back!!

I am working on a retaliation script that infects MPLab and targets all Ethernet enabled Microchip targets so when they are connected, a massive DOS attack on all PIC support websites will occur.

We will have our day!

Brad

No Fate But What We Make!

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

This thread should just die now the threat is over so I'm locking it - hope no one minds. PM me if you do.

Topic locked