News Forum |
|
|
Geek Ettin
eprillios
|
8/24/2010 | |
I don't like to be the reporter of this sort of news in a short period, but Albia2000 (and their sub-sites) seem to be infected with malware.
So if you where planning to go to Albia2000 - don't visit it, especially if you use a old version of your browser.
It's a strange story, because they also already had some of their sub-sites hacked a while ago.
With all these CC-sites fading out, I'll hope this gets over soon.
Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."
|
Patient Pirate
ylukyun
Manager
|
8/24/2010 | |
It doesn't surprise me, it was already full of spambots and random ads. |
Geek Ettin
eprillios
|
8/24/2010 | |
That's right, however they have put ads on the site theirselves.
If I remember correctly, they where using the PHP-Nuke system which is known to make security issues.
Anyone knows Ali is still around?
Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."
|
Peppery One
Papriko
|
8/24/2010 | |
Oh oh, I linked to Norngarden a few days ago... It also runs on A2K
Lets play plants! Photosynthesis... Photosynthesis... Photosynthesis... |
Don
|
8/24/2010 | |
Where have you found malware there?
Don
AmberCreatures
|
Moe
|
8/24/2010 | |
Ali should turn over control of the site to a CC member who could do something with it... It is one of the oldest running CC sties, if not the oldest still around. It should be preserved. |
Geek Ettin
eprillios
|
8/24/2010 | |
I'm being redirected to fake "virus scan", even when I've did a deep clean on my computer. At the moment when I visit Albia 2000 I get a blank page...
It can be a post on the frontpage which injected some code into the page using a XSS issue.
EDIT: This only seems to happen when I do a Google Search (google.com, no rebranded search). I even have this problem on a other computer in our household.
For others who want to çheck if this is happening for more people here is the link below.
http://www.google.com/search?q=albia+2000
Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."
|
Lollipop Lord
C-Rex
|
8/24/2010 | |
Yep, that's happening to me too. It's a shame such an old website has been infected by malicious software.
For anyone visiting the website: Don't allow it to scan your computer! It happened to me once, and my computer wouldn't work unless I put it in safe mode and ran a virus scan. |
Don
|
8/24/2010 | |
I don't see it, so its probably a banner advert that's calling the virus-alert-impersonating popup
I'll add detail on close the browser or reboot the PC to the news post.
Don
AmberCreatures
|
MisterPeaches
|
8/24/2010 | |
Crud, I went there a few times while taking wiki-walks through Creatures Wiki. Nothing seems to have been happening to me yet...
with a taste of your lips
i'm on a ride |
Tea Queen
Laura
Administrator
|
8/24/2010 | |
This news really saddens me, especially as I am/was a moderator there, and really active at one point. And its not like A2K has had many visitors in recent months. Very sad to have watched the site go gradually downhill.
Erin (the Forum Administrator there) did attempt to give Hellfrozeover and myself control over the forums a while ago - however, she only succeeded in turning us orange (the colour administrators show up as on the forums) and nothing more. |
Malkin
Manager
|
8/24/2010 | |
Visiting A2K from a bookmark still seems to work for me.
My TCR Norns |
Liam
|
8/24/2010 | |
I'll ask Ali about it next time I talk to him.
- Liam / K'aeloree
Spellhold Studios, a Baldur's Gate II, Neverwinter Nights and Oblivion Modding Community |
Officer-1BDI
|
8/24/2010 | |
Thanks, Liam.
I'm also really sad to hear this. Not entirely surprised, but still sad. A2K was the first Creatures site I joined....
You have to be honest with yourself when you are writing. If that leads to somewhere unexpected then perhaps you really needed to go there.
-- Jim Adkins |
Patient Pirate
ylukyun
Manager
|
8/24/2010 | |
Someone named "к&" just registered here. Maybe the malware scared off the botmasters and they are sending their guys over here now XD |
Don
|
8/25/2010 | |
Any site that uses adverts can suffer this problem with banner adverts opening malicious pop-up windows, and its happening to a lot of different sites at the moment.
The only thing you can really do is to report the offending banner to the advertising service or request they look into it and check their rotation.
Don
AmberCreatures
|
Geek Ettin
eprillios
|
8/25/2010 | |
How can that be possible if it only happens when you visited it with a search engine? Also, you are redirected to a page on a free co.cc address.
The service they use for ads is Google Syndication and it doesn't have pop-ups or redirects. They are always checking ads before they are delivered to users.
Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."
|
Don
|
8/26/2010 | |
The referrer can effect the advert set used and banner scammers submit to the scheme can be replaced by a malicious pop-up call. I've seen that happen (with that same pop-up) through banner sites before so I'm presuming that'll be it.
I steer clear of ads myself
Don
AmberCreatures
|
Vatrena
|
8/26/2010 | |
I thought the Creatures sites are always clean. This is sad. Rootkits, viruses, spyware, worms, trojans, ransomware, adware everywhere. I want to be computer security expert when I grow up, I'm not sure how many sites will be hacked or infected when I turn 21.
Anyway, I don't think adds are bad, if there aren't more than 1 or 2 and if they aren't from doubleclick, fastclick etc.
When will A2K be recovered from infection? I had a luck, I never got fake antiviruses, I only readed much about them. But I can imagine how it is when you are redirected to fake virus scan. I'm using Web of Trust for IE 8 which blocks bad sites and fake virus sites, and Mcafee Site Advisor just for case.
I'm really concerned about A2K.
I'm a hardcore christian first, and a creature breeder second.
|
MisterPeaches
|
8/26/2010 | |
If it's just the advert as the news article on the main page suggested, using an adblocker like the free one you can download for Firefox might do the trick. It completely prevents adverts from popping up, although I'm too chicken to do the investigation myself. :p
(EDIT:Whoops, accidentally triggered the censor. My bad.)
with a taste of your lips
i'm on a ride |
Geek Ettin
eprillios
|
8/27/2010 | |
Uhmmm.... It's not a ad or a pop-up delivered by DoubleClick and other similar services. But probably a XSS attacker injected some code that launches JavaScript windows, warnings, redirects and other annoying techniques.
You can call this a Browser exploit.
Can a manager change this in the news post to prevent misunderstandings?
Please correct me if I'm wrong, but this is what I think what was happened.
Geek Ettin's Lab (New!)
Bill Gates: "Be nice to nerds. Chances are you'll end up working for one."
|
Tea Queen
Laura
Administrator
|
8/27/2010 | |
I'll wait for Don to come along and have a look, since I'm sure she knows more about this kind of thing than I do. |
Don
|
8/27/2010 | |
The news post is suitable as the problem is a pop-up.
Don
AmberCreatures
|
EmergencyTowel
|
8/27/2010 | |
What the cheesecake people? We are just innocent gamers!
In my nerd cave, nobody can hear you scream.
Feed my pets: Shroomy and Glow! |
Jodie
|
10/15/2010 | |
I oftan come across those fake virus scans this is what I do. I close the one that pops up and use my real antiviruscan So I keep safe. I learned the hard way through those fake scans ^^' They Install a ton of Viruses when they are "Scanning" So if you close the Fake Virus scan and use a Real Antivirus Scan there is no problem unless you have a virus allready ^^'.
|
Lulutherebel
|
11/23/2010 | |
The fake virus scan is now gone, I have checked it over a course of 2 months, and the site is back to normal |