creatures caves welcome, guest
downloads   gallery   dev   community   creatchi   forum   mycaves
bookmarks | search | post new topic
News Forum
old
Albia2K Infected!   
eprillios
Geek Ettin

eprillios
Netherlands  

 visit eprillios's website: CreaturesCommunity.net
  8/24/2010

I don't like to be the reporter of this sort of news in a short period, but Albia2000 (and their sub-sites) seem to be infected with malware.

So if you where planning to go to Albia2000 - don't visit it, especially if you use a old version of your browser.

It's a strange story, because they also already had some of their sub-sites hacked a while ago.

With all these CC-sites fading out, I'll hope this gets over soon. :(




Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."


 
ylukyun
Chaotic Chimera

ylukyun

Manager



  8/24/2010

It doesn't surprise me, it was already full of spambots and random ads.
 
eprillios
Geek Ettin

eprillios
Netherlands  

 visit eprillios's website: CreaturesCommunity.net
  8/24/2010

That's right, however they have put ads on the site theirselves.

If I remember correctly, they where using the PHP-Nuke system which is known to make security issues.

Anyone knows Ali is still around?




Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."


 
Papriko
Peppery One

Papriko
Germany  


  8/24/2010

Oh oh, I linked to Norngarden a few days ago... It also runs on A2K

Lets play plants! Photosynthesis... Photosynthesis... Photosynthesis...
 
Don

Don
United Kingdom  

 visit Don's website: AmberCreatures
  8/24/2010

Where have you found malware there?

Don
AmberCreatures


 
Moe

Moe
United States  

 visit Moe's website: Creatures 2 to Docking Station
  8/24/2010

Ali should turn over control of the site to a CC member who could do something with it... It is one of the oldest running CC sties, if not the oldest still around. It should be preserved.
 
eprillios
Geek Ettin

eprillios
Netherlands  

 visit eprillios's website: CreaturesCommunity.net
  8/24/2010

I'm being redirected to fake "virus scan", even when I've did a deep clean on my computer. At the moment when I visit Albia 2000 I get a blank page...

It can be a post on the frontpage which injected some code into the page using a XSS issue.

EDIT: This only seems to happen when I do a Google Search (google.com, no rebranded search). I even have this problem on a other computer in our household.

For others who want to çheck if this is happening for more people here is the link below.

http://www.google.com/search?q=albia+2000




Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."


 
C-Rex
Lollipop Lord

C-Rex
United Kingdom  

 visit C-Rex's website: The Norn Nebula
  8/24/2010

Yep, that's happening to me too. It's a shame such an old website has been infected by malicious software.

For anyone visiting the website: Don't allow it to scan your computer! It happened to me once, and my computer wouldn't work unless I put it in safe mode and ran a virus scan.


⋆ The Norn Nebula ⋆

My YouTube Channel

 
Don

Don
United Kingdom  

 visit Don's website: AmberCreatures
  8/24/2010

I don't see it, so its probably a banner advert that's calling the virus-alert-impersonating popup :(

I'll add detail on close the browser or reboot the PC to the news post.


Don
AmberCreatures


 
MisterPeaches

MisterPeaches
United States  


  8/24/2010

Crud, I went there a few times while taking wiki-walks through Creatures Wiki. Nothing seems to have been happening to me yet...

with a taste of your lips

i'm on a ride

 
Laura
Tea Queen

Laura
United Kingdom  
Administrator


 visit Laura's website: CC Chat
  8/24/2010

This news really saddens me, especially as I am/was a moderator there, and really active at one point. And its not like A2K has had many visitors in recent months. Very sad to have watched the site go gradually downhill. :(

Erin (the Forum Administrator there) did attempt to give Hellfrozeover and myself control over the forums a while ago - however, she only succeeded in turning us orange (the colour administrators show up as on the forums) and nothing more. :P

 
Malkin

Malkin
Australia  
Manager


 visit Malkin's website: Malkin's page at CWiki
  8/24/2010

Visiting A2K from a bookmark still seems to work for me.

My TCR Norns
 
Liam

Liam
Australia  

 visit Liam's website: Spellhold Studios
  8/24/2010

I'll ask Ali about it next time I talk to him. :)

- Liam / K'aeloree

Spellhold Studios, a Baldur's Gate II, Neverwinter Nights and Oblivion Modding Community

 
Officer-1BDI

Officer-1BDI
United States  

 visit Officer-1BDI's website: My Tumblr Account (semi-NSFW)
  8/24/2010

Thanks, Liam. :)

I'm also really sad to hear this. Not entirely surprised, but still sad. A2K was the first Creatures site I joined....


You have to be honest with yourself when you are writing. If that leads to somewhere unexpected then perhaps you really needed to go there.
-- Jim Adkins

 
ylukyun
Chaotic Chimera

ylukyun

Manager



  8/24/2010

Someone named "к&" just registered here. :D Maybe the malware scared off the botmasters and they are sending their guys over here now XD
 
Don

Don
United Kingdom  

 visit Don's website: AmberCreatures
  8/25/2010

Any site that uses adverts can suffer this problem with banner adverts opening malicious pop-up windows, and its happening to a lot of different sites at the moment.

The only thing you can really do is to report the offending banner to the advertising service or request they look into it and check their rotation.


Don
AmberCreatures


 
eprillios
Geek Ettin

eprillios
Netherlands  

 visit eprillios's website: CreaturesCommunity.net
  8/25/2010

How can that be possible if it only happens when you visited it with a search engine? ;) Also, you are redirected to a page on a free co.cc address.

The service they use for ads is Google Syndication and it doesn't have pop-ups or redirects. They are always checking ads before they are delivered to users.




Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."


 
Don

Don
United Kingdom  

 visit Don's website: AmberCreatures
  8/26/2010

The referrer can effect the advert set used and banner scammers submit to the scheme can be replaced by a malicious pop-up call. I've seen that happen (with that same pop-up) through banner sites before so I'm presuming that'll be it.

I steer clear of ads myself :|


Don
AmberCreatures


 
Vatrena

Vatrena



  8/26/2010

I thought the Creatures sites are always clean. This is sad. Rootkits, viruses, spyware, worms, trojans, ransomware, adware everywhere. I want to be computer security expert when I grow up, I'm not sure how many sites will be hacked or infected when I turn 21. :(

Anyway, I don't think adds are bad, if there aren't more than 1 or 2 and if they aren't from doubleclick, fastclick etc.

When will A2K be recovered from infection? I had a luck, I never got fake antiviruses, I only readed much about them. But I can imagine how it is when you are redirected to fake virus scan. I'm using Web of Trust for IE 8 which blocks bad sites and fake virus sites, and Mcafee Site Advisor just for case.
I'm really concerned about A2K. :(
:|


I'm a hardcore christian first, and a creature breeder second.

 
MisterPeaches

MisterPeaches
United States  


  8/26/2010

If it's just the advert as the news article on the main page suggested, using an adblocker like the free one you can download for Firefox might do the trick. It completely prevents adverts from popping up, although I'm too chicken to do the investigation myself. :p

(EDIT:Whoops, accidentally triggered the censor. My bad.)


with a taste of your lips

i'm on a ride

 
eprillios
Geek Ettin

eprillios
Netherlands  

 visit eprillios's website: CreaturesCommunity.net
  8/27/2010

Uhmmm.... It's not a ad or a pop-up delivered by DoubleClick and other similar services. But probably a XSS attacker injected some code that launches JavaScript windows, warnings, redirects and other annoying techniques.

You can call this a Browser exploit.

Can a manager change this in the news post to prevent misunderstandings? :)

Please correct me if I'm wrong, but this is what I think what was happened. ;)




Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."


 
Laura
Tea Queen

Laura
United Kingdom  
Administrator


 visit Laura's website: CC Chat
  8/27/2010

I'll wait for Don to come along and have a look, since I'm sure she knows more about this kind of thing than I do. :)
 
Don

Don
United Kingdom  

 visit Don's website: AmberCreatures
  8/27/2010

The news post is suitable as the problem is a pop-up.

Don
AmberCreatures


 
EmergencyTowel

EmergencyTowel
United States  


  8/27/2010

What the cheesecake people? We are just innocent gamers!

In my nerd cave, nobody can hear you scream.
Feed my pets: Shroomy and Glow!

 
Jodie

Jodie
United Kingdom  

 visit Jodie's website: My Deviantart Page =P
  10/15/2010

I oftan come across those fake virus scans this is what I do. I close the one that pops up and use my real antiviruscan So I keep safe. I learned the hard way through those fake scans ^^' They Install a ton of Viruses when they are "Scanning" So if you close the Fake Virus scan and use a Real Antivirus Scan there is no problem unless you have a virus allready ^^'.


 
Lulutherebel

Lulutherebel



  11/23/2010

The fake virus scan is now gone, I have checked it over a course of 2 months, and the site is back to normal
 


downloads
cobs
adoptions
creaturelink
metarooms
breeds
 
gallery
art
wallpaper
screenshots
graphics
promos
sprites
dev
hack shack
script reservations
dev resources
active projects
dev forum
 
community
links
advice
chat
polls
resources
creatchi
 
forum
bookmarks
general
news
help
development
strangeo
survivor
mycaves
log in
register
lost pw
1 online
mea
creatures caves is your #1 resource for the creatures artificial life game series: creatures, creatures 2, creatures 3, docking station, and the upcoming creatures family.

contact    help    privacy policy    terms & conditions    rules    donate    wiki