View unanswered posts | View active topics It is currently Fri Mar 29, 2024 12:05 am



Reply to topic  [ 37 posts ]  Go to page 1, 2, 3  Next
 DataRealms Website Malware Warning 
Author Message
User avatar

Joined: Fri Aug 26, 2011 3:06 am
Posts: 42
Reply with quote
Post DataRealms Website Malware Warning
Hello. Every now and then (it occasionally goes away) the Data Realms site is apparently being reported for distributing malware. Either someone's being silly, or there's a problem I haven't noticed yet.

Image

I'm using Opera, this is just the built-in malware warning thingy. This has been going on for a few months now. I've bypassed this warning and unless Avast fails me, I haven't been infected with anything.


Fri Jun 08, 2012 11:59 pm
Profile
User avatar

Joined: Tue Apr 01, 2008 4:49 pm
Posts: 1972
Location: The Netherlands
Reply with quote
Post Re: DataRealms Website Malware Warning
Interesting that you say this.

I am having great issues reaching this site for almost a week now and at one point I contacted my ISP about it.
They mentioned their system checked this site out to be a... non-trustable website, to put it kindly.

Although I believe it to be nonsense ofcourse, it's strange that it came from the number one ISP in my country. :S


Sat Jun 09, 2012 12:22 am
Profile
User avatar

Joined: Fri Aug 26, 2011 3:06 am
Posts: 42
Reply with quote
Post Re: DataRealms Website Malware Warning
The first time I saw it, I went to the AVG site and sent a "False Positive" report. I'd do it again, but frankly, now that it's up again I'm kind of wary of doing that.

Investigation is warranted, methinks. It could just be an angry person/group trying to mess with the site by sending bogus reports, but it's better to be safe.

By the way, the forums are being fairly slow for me. Anyone else getting that?


Sat Jun 09, 2012 3:18 am
Profile
Loose Canon
User avatar

Joined: Sun Mar 29, 2009 11:07 pm
Posts: 2992
Location: --------------->
Reply with quote
Post Re: DataRealms Website Malware Warning
Honestly I'm starting to think someone is doing all they can to ♥♥♥♥ up the forums. I've never seen it this slow except when DRL was being DDoS'd way back when. And considering we've never gone over 130 or so users on at any one time and not had problems, I'm inclined to think that the recent "heavy" traffic from B27 isn't the problem.


Sat Jun 09, 2012 4:17 am
Profile WWW
User avatar

Joined: Fri Jan 26, 2007 3:22 am
Posts: 1451
Reply with quote
Post Re: DataRealms Website Malware Warning
it's definitely the mysqldb being unmaintained. the forums as well as the wiki will error out every now and then because the mysql config is not configured correctly atm.

reports of malicious site is from the security groups downloading any binaries automatically(this includes the CC installer from the front page), and getting that false-positive that some people are apparently getting.


Sat Jun 09, 2012 7:12 am
Profile

Joined: Fri Sep 10, 2010 1:48 am
Posts: 666
Location: Halifax, Canada
Reply with quote
Post Re: DataRealms Website Malware Warning
Not entirely related but in case it helps anyone with the relevant know-how, I'm unable to upload attachments and get the following error message. I haven't yet confirmed if this is the same problem Gotcha's suffering from (he's also unable to upload attachments) but either way I hope it helps:
Code:
Could not upload attachment to ./files/12692_5483e7446c4f1991bc6dcd37f13ffced.


Sat Jun 09, 2012 8:09 am
Profile
User avatar

Joined: Fri Aug 26, 2011 3:06 am
Posts: 42
Reply with quote
Post Re: DataRealms Website Malware Warning
By the way, I'd like to encourage everyone to file an Incorrect Page Rating Report, as this does harm the website and it's certainly not legitimate.

If this is from automatically downloading binaries, how come it's taken so long for this warning to pop up? I still think some nonsense is afoot.


Sat Jun 09, 2012 11:31 pm
Profile
User avatar

Joined: Tue Apr 01, 2008 4:49 pm
Posts: 1972
Location: The Netherlands
Reply with quote
Post Re: DataRealms Website Malware Warning
My problem is definitely different, due to the fact that I can't reach the forum -at all-, except through proxy websites. ;_;


Sat Jun 09, 2012 11:59 pm
Profile
User avatar

Joined: Fri Jan 26, 2007 3:22 am
Posts: 1451
Reply with quote
Post Re: DataRealms Website Malware Warning
NikolaiLev wrote:
By the way, I'd like to encourage everyone to file an Incorrect Page Rating Report, as this does harm the website and it's certainly not legitimate.

If this is from automatically downloading binaries, how come it's taken so long for this warning to pop up? I still think some nonsense is afoot.


Previous releases didn't trigger the false-positive b27 has.


Sun Jun 10, 2012 2:24 am
Profile
User avatar

Joined: Fri Aug 26, 2011 3:06 am
Posts: 42
Reply with quote
Post Re: DataRealms Website Malware Warning
Daman wrote:

Previous releases didn't trigger the false-positive b27 has.


This warning came up before B27 was out. Since a little before the "Finishing the tech implementations" video, in fact.


Sun Jun 10, 2012 11:11 am
Profile
Data Realms Elite
Data Realms Elite
User avatar

Joined: Fri Jul 03, 2009 11:05 am
Posts: 3878
Reply with quote
Post Re: DataRealms Website Malware Warning
Image


Sun Jun 10, 2012 12:51 pm
Profile
User avatar

Joined: Fri Aug 26, 2011 3:06 am
Posts: 42
Reply with quote
Post Re: DataRealms Website Malware Warning
Natti wrote:
Image


I just got this email. Now I'm a little worried about what this actually does, and whether or not I need to worry about my machine. Can anyone tell what it does?

Further, is anyone forwarding this to the relevant people? I don't know who the website people are for DR, and I certainly want this fixed as much as anyone.


Sun Jun 10, 2012 3:55 pm
Profile
DRL Developer
DRL Developer

Joined: Fri May 15, 2009 10:29 am
Posts: 4107
Location: Russia
Reply with quote
Post Re: DataRealms Website Malware Warning
Yeah, we know about it.

Forwarded the response to data, btw.


Sun Jun 10, 2012 4:00 pm
Profile
User avatar

Joined: Tue Dec 12, 2006 3:10 pm
Posts: 495
Location: Uncertain quantum state
Reply with quote
Post Re: DataRealms Website Malware Warning
I've seen some shady third-party sites in the noscript list of the main page now and then; just now I saw "http://prostofoto.eu" there, now it's gone though.
They seem to be "It works!" leaseweb sites. Suspicious.


Mon Jun 11, 2012 12:36 am
Profile
User avatar

Joined: Fri Jan 26, 2007 3:22 am
Posts: 1451
Reply with quote
Post Re: DataRealms Website Malware Warning
Hahahaha, lol, haHAAHAHAhaha. That's great. Hope the server is properly secured, I.E. apache is run on a separate user that only has access to what it needs to have access to. Is payment information stored in a database whose credentials are readable by the same user running apache that serves the infected page? That's pretty probable.

I don't think datarealms runs any ads, does it? That'd mean there's an actual security hole. That's a shame. Anyone get the full javascript? It apparently only appears once per IP.

e: betting the vulnerability they used is the devlog's wordpress timthumb file.

here, data: http://markmaunder.com/2012/04/23/intro ... ty-plugin/

findude wrote:
I've seen some shady third-party sites in the noscript list of the main page now and then; just now I saw "http://prostofoto.eu" there, now it's gone though.
They seem to be "It works!" leaseweb sites. Suspicious.


If you get the full URL that is accessed you'll see that the result is a blackhole kit that runs checking for any vulnerable plugins you're using, and exploiting any found holes to add you to a botnet.


Mon Jun 11, 2012 8:53 am
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 37 posts ]  Go to page 1, 2, 3  Next

Who is online

Users browsing this forum: No registered users


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by STSoftware for PTF.
[ Time : 0.089s | 15 Queries | GZIP : Off ]