GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Please Read This!

BFT3K · 02-02-2011, 03:54 PM

Please Read This! - Important Security Issue!

I am not a technical expert, but from what I can figure out, here is a major hacker issue that everyone should be aware of.

Read on, as IT DOES EFFECT SALES!

If I am not interpreting this information incorrectly, please clarify, as I am not married to my own interpretation, but it appears to be a very valid hypothesis.

I recently noticed one or two of my sites were receiving malware warnings, when attempting to access the pages.

Upon further investigation I noticed that all of my "error" pages were infected by iframes that redirected you to a Russian site.

I then did a search for my own sites, and I came upon many pages which included text along the lines of the following...

-----------

How to get FREE Access to YourSiteName.com (obviously this is actually the real name of the site, but I changed it for demonstration purposes)

Using someone elses YourSiteName.com membership to get access is shady...and all the YourSiteName.com passwords on google are expired

But I finally got in for free by using a free deal link for YourSiteName.com

1. Use the deal link below
2. Click to join YourSiteName.com...fill in an email and password
3. Verify you're not under 18 with a credit card...(Don't worry it won't be charged)
4. Then just check your email for the Free Lifetime Membership!

Deal Link: http://refer.ccbill.com/cgi-bin/clic...m/updates.html

-----------

The link address is intentionally incorrect: http://www.YourSiteName.com/updates.html. On my sites for example, the updates.html portion has a capital "U" and not a lower "u" - so you are instantly redirected to one of the infected error pages.

BTW: CCBill has since flagged account number 2186562, but it isn't even clear if they were the culprit.

When the link was working, the surfer would enter a credit card to join for free, and then, since the page does not really exist, the thieves/hackers would steal the card number, and then redirect them to one of my error pages, which they had already infected with iframe malware.

Adding insult to injury (and this is the worst part), it looks like Symantec (the parent company of Norton Utilities) has taken it upon itself to inform everyone using Norton Utilities, that the pages of these sites are dangerous to visit.

The problem is, even AFTER you remove the iframes from your pages, the Norton warnings DO NOT GO AWAY!

It is fine for a security company to warn you that a site is dangerous, but for them to compile a database, and then NOT update that database in realtime, is TOTAL BULLSHIT!

As more and more sites are now finding themselves on this Symantec blacklist, it is obvious that MANY DOLLARS are being lost, by both the site owners, as well as the billing companies!

I just had a very long talk with CCBill about this, and they totally agree that sales are now falling, thanks to this Symantec bullshit - even though I suppose it was meant to be helpful.

What say you?

02-02-2011, 03:54 PM
BFT3K Too lazy to set a custom title Industry Role: Join Date: Dec 2005 Location: Narnia Posts: 10,764	Please Read This! - Important Security Issue! Please Read This! - Important Security Issue! I am not a technical expert, but from what I can figure out, here is a major hacker issue that everyone should be aware of. Read on, as IT DOES EFFECT SALES! If I am not interpreting this information incorrectly, please clarify, as I am not married to my own interpretation, but it appears to be a very valid hypothesis. I recently noticed one or two of my sites were receiving malware warnings, when attempting to access the pages. Upon further investigation I noticed that all of my "error" pages were infected by iframes that redirected you to a Russian site. I then did a search for my own sites, and I came upon many pages which included text along the lines of the following... ----------- How to get FREE Access to YourSiteName.com (obviously this is actually the real name of the site, but I changed it for demonstration purposes) Using someone elses YourSiteName.com membership to get access is shady...and all the YourSiteName.com passwords on google are expired But I finally got in for free by using a free deal link for YourSiteName.com 1. Use the deal link below 2. Click to join YourSiteName.com...fill in an email and password 3. Verify you're not under 18 with a credit card...(Don't worry it won't be charged) 4. Then just check your email for the Free Lifetime Membership! Deal Link: http://refer.ccbill.com/cgi-bin/clic...m/updates.html ----------- The link address is intentionally incorrect: http://www.YourSiteName.com/updates.html. On my sites for example, the updates.html portion has a capital "U" and not a lower "u" - so you are instantly redirected to one of the infected error pages. BTW: CCBill has since flagged account number 2186562, but it isn't even clear if they were the culprit. When the link was working, the surfer would enter a credit card to join for free, and then, since the page does not really exist, the thieves/hackers would steal the card number, and then redirect them to one of my error pages, which they had already infected with iframe malware. Adding insult to injury (and this is the worst part), it looks like Symantec (the parent company of Norton Utilities) has taken it upon itself to inform everyone using Norton Utilities, that the pages of these sites are dangerous to visit. The problem is, even AFTER you remove the iframes from your pages, the Norton warnings DO NOT GO AWAY! It is fine for a security company to warn you that a site is dangerous, but for them to compile a database, and then NOT update that database in realtime, is TOTAL BULLSHIT! As more and more sites are now finding themselves on this Symantec blacklist, it is obvious that MANY DOLLARS are being lost, by both the site owners, as well as the billing companies! I just had a very long talk with CCBill about this, and they totally agree that sales are now falling, thanks to this Symantec bullshit - even though I suppose it was meant to be helpful. What say you?