84.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

04-18-2012, 02:48 AM
Post: #11
RE: Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
Even while replying Avast block the site.. Clean up your code man!
04-18-2012, 02:48 AM
Post: #12
RE: Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
Admin,

I recognise that code...

The injection code, for sure, is the crap we detected amongst the infected WP plugins and themes the other week.

dataminers domain was one of the host domains sprading the Ultimate Black Hat system crap about...

I'm almost totally sure that someone is hitting your users with blackole infection attack - basically this needs an exploit (usually form, mostly textarea) and runs from a backend system.

The injection code sends back browser info the the viewer and it selects which exploit to send to the user, depending upon OS/browser etc

This injection method can then send over a variety of payloads, from javascript based content locker/cpa scams to full blown trojans/virus - typically java based, so you'll see a numbe rof jar files getting picked up by your local AV software.

The problem you get is that the injector code will pass any scan, apart from manual checking right now.

The other problem is that the resulting attack to the user is unknown as the injector can deliver anything, depending upon the coders ability.

For me, as this was a domain we detected and removed the infected shares the other week (close to 100 shares) - they're smarting due to lost revenue/opps etc and tried to revenge attack BBHF.

I'd be tempted to lose the shoutbox/chats or really tighten up the input scanning of it - seems the textarea elements are the weakest points.

Might be also worth checking through any DB's you have that can hold such data - in case it's still lurking in there.

I've looked through the js and css above - all clear - the warning is a generic one, as those files can easily point off-site for content

the iframe you show above, but can't see in server side code may be the result/output of the injector code running.

Give me a shout if I can help?

Si
04-18-2012, 04:02 AM
Post: #13
RE: Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
Yeah, same message from Firefox this morning for me!

But I had many warnings from AVG since a few days about this "Zona-uspeha.be", and I thought that was coming from the No Hand SEO soft which I'm using for a week now LOL !

Hope you'll fix this, I'm sure you will ;-)
That's the price of success guys !!!
04-18-2012, 05:24 AM
Post: #14
RE: Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
np, you are just another big site in my favotites which got infected.
Big sites getting infected is normal these days..
04-18-2012, 10:57 AM
Post: #15
RE: [SOLVED/FIXED] Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
Got an email today. I think it fixed already.
Thanks everyone for the concern.


Quote:*** DO NOT REPLY TO THIS E-MAIL ***

URL: http://bestblackhatforum.com/

Congratulations! This URL is no longer reported as badware by any of StopBadware's data providers. We have therefore closed this review and updated our Badware Website Clearinghouse. Any warnings about the URL that are based on our providers' data should be removed shortly.

StopBadware and Commtouch are conducting a survey about compromised websites. If your site was hacked, please take a minute to answer a few quick survey questions about what happened and how you fixed it.

Please know that this does not necessarily mean your site is completely free of badware or that it is no longer at risk of being reinfected. Help protect your site from future infection by reading our Tips for Cleaning and Securing Your Website. For additional help, visit our online community, BadwareBusters.org. We're always interested in hearing from site owners who have used our independent review process. Have feedback about how we can make it better? Drop us a line at feedback@stopbadware.org.

We're able to manually review websites (like yours!) because we've maintained our status as an independent non-profit organization; this means we rely entirely on donations from individuals and organizations that believe in the value of what we do. If we've helped you, please consider making a small donation. Thanks for helping stop badware!

The StopBadware team
Anyway to those supervip as you guys notice the supervip chatbox had disappeared. Please be patience i will bring back the supervip chatbox soon. For now its good thing malware issue was been fixed. Thank you.
90.gif
04-18-2012, 11:15 AM
Post: #16
RE: [SOLVED/FIXED] Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
Glad to hear this problem is solved :) thanks
04-18-2012, 11:45 AM
Post: #17
RE: [SOLVED/FIXED] Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
what ever happen our support will remain with you !!!!!ADMIN!!!!!
Love Bestblackhatforum...........no other forum like this?
04-20-2012, 10:19 AM
Post: #18
RE: [SOLVED/FIXED] Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
check this out
http://sitecheck.sucuri.net/results/http...tforum.com
04-20-2012, 10:20 AM
Post: #19
RE: [SOLVED/FIXED] Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
Yeh That was nice work admin. Today i have not got any attack report while login
04-20-2012, 10:27 AM
Post: #20
RE: [SOLVED/FIXED] Malware on bestblackhatforum.com ??! Please READ everyone! Thanks!
I m still getting virus alert when i visit BBHF :(
23.gif
+Rep if you like my post ^^




48.gif