Victory Road Archive

You are viewing an archive of Victory Road.

Victory Road closed on January 8, 2018. Thank you for making us a part of your lives since 2006! Please read this thread for details if you missed it.

Announcements → Malware Warning

Page 1 of 1

1. FreezeWarp said on December 13, 2010, 03:55:32 PM (-08:00)

Kyurem
2,186 posts

To Visitors of Floatzel.net, VictoryBattles.net, and VictoryRoad.net:

Starting December 3rd, 2010, and lasting somewhere around a week, Google Adsense (our ad provider), as well as MSN's own ad provider, were both attacked with a form of malware that may have affected the Victory Road Network as well a variety of other sites on the internet - including both Google and MSN.com. While we are unaware if any people here at Victory Road were for sure affected, we encourage those with lax security policies, or who have noticed abnormalities over the past week, to check.

The attacks themselves use a variety of exploits, including:

  • A vulnerability in Internet Explorer 6, 6 SP1, and 7 (though neither 8 nor 9) with the "iepeers.dll" library. (More Info)
  • An exploit in Java JDK and JRE 6 Update 10 - Update 19 (More Info)
  • Multiple exploits in Adobe Reader and Acrobat affecting versions 7, 8, and 9 (though not 9.1). (More Info 1, 2, 3, 4)
  • A flaw in Active X, affecting MDAC 2.7 and 2.8. This is believed to affect IE 6 and 7 but not 8. (More Info)

The main virus installed is HDD Plus, and more information can be found here at Armorize and here at ComputerWorld. As always, please keep your software as up to date as possible. If you are using Internet Explorer, please use at least version 8. Adobe Flash and Acrobat should also be at their latest versions (10.1 and 9.4 respectively).

Thank You,
FreezeWarp,
Victory Road Administrator

Likes 6 – Cat333Pokémon, TheAppleFreak, James, The Spirit of Time, Shadow, piexing

2. James said on December 13, 2010, 04:57:09 PM (-08:00)

Volcarona
665 posts

Thanks a lot FW. I'm guessing firefox is unaffected?

Likes 1 – piexing

3. OMGITSJAD said on December 13, 2010, 05:05:20 PM (-08:00)

Shaymin
2,490 posts

Quote:
Originally Posted by James View Post
Thanks a lot FW. I'm guessing firefox is unaffected?
I doubt it, I know Chrome users can get it too, considering Lux got it and she uses Chrome...don't know what Mag has and he got it also...

Likes 1 – piexing

4. FreezeWarp said on December 13, 2010, 05:13:47 PM (-08:00)

Kyurem
2,186 posts

Anyone who has an outdated version of Adobe Reader or Java could get it - admittedly on Windows I am susceptible to both.

Edit: Keep in mind there's a good chance all people infected got it from some other site, but still since some people are infected...

Likes 1 – piexing

5. Luxray13579 said on December 13, 2010, 05:18:17 PM (-08:00)

Shaymin
2,679 posts

So, unless my quick skim and scan of both those links for the HDD scan failed me, I'm still wondering: How do I get rid of it?
It's not working anymore, I put a stop to it but it's still installed on my computer. I mean not that I really care that it's there, because it doesn't work anymore, but still... any ideas?

And thanks for the info, Freeze.

Likes 2 – OMGITSJAD, piexing

6. FreezeWarp said on December 13, 2010, 05:22:50 PM (-08:00)

Kyurem
2,186 posts

Quote:
Originally Posted by Luxray13579 View Post
So, unless my quick skim and scan of both those links for the HDD scan failed me, I'm still wondering: How do I get rid of it?
It's not working anymore, I put a stop to it but it's still installed on my computer. I mean not that I really care that it's there, because it doesn't work anymore, but still... any ideas?

And thanks for the info, Freeze.
Sadly its very hard to remove. However, this post contains good instruction on how to do so:

http://www.myantispyware.com/2010/12...s-and-hddplus/. You will need MalwareBytes, though I'm under the impression you already have it Lux... xD

Likes 1 – piexing

7. Shadow said on December 14, 2010, 12:05:02 AM (-08:00)

Giratina
3,209 posts

Thanks for the information, Freeze. I'm planning to update my computer's operating system and get a new software for it altogether in the next few days, so I think I'm less susceptible to these attacks (or at least I hope so).

Likes 1 – piexing

8. The Spirit of Time said on December 14, 2010, 05:38:57 AM (-08:00)

Rayquaza
3,934 posts

I haven't noticed anything suspicious yet. I will keep my eyes open though for any unusual thing. Thanks Freeze for the notice.

Likes 1 – piexing

9. Searinox said on December 14, 2010, 06:11:13 AM (-08:00)

Zoroark
251 posts

I wonder if this has anything to do with the fact that I can't click links on WLM anymore as they appear plain text and need to be manually copied... I hate it when M$ does this kinda crap.

More people talking about vulnerabilities. I like that. <3

Likes 1 – piexing

10. Alakazamaster said on December 15, 2010, 02:58:09 PM (-08:00)

Kyurem
2,366 posts

Quote:
Originally Posted by The Spirit of Time View Post
I haven't noticed anything suspicious yet. I will keep my eyes open though for any unusual thing. Thanks Freeze for the notice.
I think the fact that I keep getting e-mails containing viruses from you MAY be an issue...

But yeah, I am unaffected by this, and good thing too, since I am mediocre at computer-handling.

Likes 1 – piexing

11. OMGITSJAD said on December 15, 2010, 03:12:31 PM (-08:00)

Shaymin
2,490 posts

A little bit off-topic but...

Quote:
Originally Posted by Alakazamaster View Post
I think the fact that I keep getting e-mails containing viruses from you MAY be an issue....
I think blocking his e-mail address may remedy this.

Likes 1 – piexing

12. Cat333Pokémon said on December 15, 2010, 03:52:29 PM (-08:00)

Administrator
10,307 posts

Part of it could be people following the links and supplying their passwords to scrupulous sites, which then send everyone on the contact list the same message.

Likes 1 – piexing

13. OMGITSJAD said on December 15, 2010, 03:58:27 PM (-08:00)

Shaymin
2,490 posts

Quote:
Originally Posted by Cat333Pokémon View Post
Part of it could be people following the links and supplying their passwords to scrupulous sites, which then send everyone on the contact list the same message.
Yeah, i've noticed quite a bit of messages for stuff like that on Steam lately. I was talking about blocking SoT's e-mail just so that he would stop being spammed, but that is correct. Be sure to read a link before you go to it and have to log in. Something like http://webmail.aol.com is fine, however, http://weebmailaol.tk is obviously not.

Likes 4 – Cat333Pokémon, piexing, Connec10, Shiny

14. evandeck said on December 15, 2010, 07:15:10 PM (-08:00)

Mudkip
47 posts

I just got some malware that is called "Backdoor:Win32/IRCbot.DL" I wonder if it has to do with this.

15. lelouchhero said on December 15, 2010, 10:46:37 PM (-08:00)

Magikarp
4 posts

Quote:
Originally Posted by evandeck View Post
I just got some malware that is called "Backdoor:Win32/IRCbot.DL" I wonder if it has to do with this.
Yeah my friend got that to sadly to say

16. The Spirit of Time said on December 16, 2010, 07:49:44 AM (-08:00)

Rayquaza
3,934 posts

Quote:
Originally Posted by Alakazamaster View Post
I think the fact that I keep getting e-mails containing viruses from you MAY be an issue...

But yeah, I am unaffected by this, and good thing too, since I am mediocre at computer-handling.
No. That has nothing to do with the problem Freeze mentioned. I know that it is slightly off-topic, but all those who are in the forums and have Shadow's email, then you guys need to know that his computer is packed with viruses and is sending emails to everyone. When I received an email from him, it got immediately forwarded to you Kaz.

Likes 1 – piexing

17. Shadow said on December 16, 2010, 08:50:17 AM (-08:00)

Giratina
3,209 posts

Quote:
Originally Posted by The Spirit of Time View Post
No. That has nothing to do with the problem Freeze mentioned. I know that it is slightly off-topic, but all those who are in the forums and have Shadow's email, then you guys need to know that his computer is packed with viruses and is sending emails to everyone. When I received an email from him, it got immediately forwarded to you Kaz.
What the heck? My computer is not PACKED with viruses, nor is it a virus in the first place. It turned out to be a bot which sends emails, containing a damaging link, through my address to my contacts. I changed my password (after one of my friends told me that this would solve it) and the matter is already settled. If it was a virus, I wouldn't have been able to resolve the issue so easily. Also, I used to get a lot of similar messages/IMs from my contacts, but I always avoided them because it was obvious that they're not real. On top of that, they don't automatically forward themselves to my contacts, or at least that didn't happen to me anytime. Therefore, there's no need to claim stuff from your own when you're not sure of it, especially when that has the potential to scare other people away. -__-

Likes 1 – piexing

18. Quadcentruo said on December 18, 2010, 04:11:58 PM (-08:00)

Giratina
3,684 posts

Oh I'm so glad that I somehow manage to keep things up-to-date and I'm also somehow able to avoid viruses like a crafty drunk on New Year's day. (I just stumble about, avoiding anything bad)

19. alternateshadow300 said on December 21, 2010, 08:55:18 AM (-08:00)

Haxorus
454 posts

I've been using Chrome and I haven't been infected by the recent malware attack or whatever you call it yet, however I'm cautious about where I go so I don't get it at all.

20. KingOfKYA said on December 21, 2010, 01:52:45 PM (-08:00)

Volcarona
523 posts

21. NismoZ said on December 21, 2010, 04:20:01 PM (-08:00)

Kyurem
2,014 posts

This is actually kind of worrying to me, my computer suddenly started lagging a ton around the time when Adsense got infected, and I didn't have Java up to date at the time...

...Crap.

Page 1 of 1

User List - Contact - Privacy Statement - Lycanroc.Net