Mr-Protocol Posted January 27, 2010 Share Posted January 27, 2010 This was just sent to me from MannInBlackk and I believe it to be spam... Be advised everyone. Hello, friend. There are viruses' activities from your computer in last few days. Strongly recommend you to check your computer. You can find a report about your computer's security and solve every problem with it here: http://www.check-pc.net/detected/(AccountName) Thank you. Forum member. Quote Link to comment Share on other sites More sharing options...
dingoatemybaby Posted January 27, 2010 Share Posted January 27, 2010 I have been sent the same - word for word with my user name put in. I strongly urge people NOT to click on any links. I also urge people who run this whole site to check for compromised security. I have Kaspersky and a truckload of anti-virus gear. The chances of me having any virus or malware are very small. Mannin black should also be banned from the forum unless he or she is an innocent victim of a hacked account. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 27, 2010 Author Share Posted January 27, 2010 Actually... I'm going to click it LOL but in a virtual machine... Let's see what it is :D Quote Link to comment Share on other sites More sharing options...
dingoatemybaby Posted January 27, 2010 Share Posted January 27, 2010 I knew it. I have just done the "wet paint". lol. OK. Virtual machine. Maybe Linux as well could be a good idea. And sandboxing. But I'm not touching it with anything. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 27, 2010 Author Share Posted January 27, 2010 Eh, XP virtual machine i could care less about. Says page cannot be displayed. Installing Wireshark in VirtualBox VM of XP to see what packets look like. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 27, 2010 Author Share Posted January 27, 2010 GET /detected/Mr-Protocol HTTP/1.1 Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, */* Accept-Language: en-us User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Accept-Encoding: gzip, deflate Host: www.check-pc.net Connection: Keep-Alive HTTP/1.1 302 Found Date: Wed, 27 Jan 2010 07:19:29 GMT Server: Apache/2 Location: http://www.check-pc.net/pc/out.php Content-Length: 286 Keep-Alive: timeout=1, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="http://www.check-pc.net/pc/out.php">here</a>.</p> <hr> <address>Apache/2 Server at www.check-pc.net Port 80</address> </body></html> GET /pc/out.php HTTP/1.1 Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, */* Accept-Language: en-us User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Accept-Encoding: gzip, deflate Host: www.check-pc.net Connection: Keep-Alive HTTP/1.1 302 Found Date: Wed, 27 Jan 2010 07:19:29 GMT Server: Apache/2 X-Powered-By: PHP/5.2.10 Location: http://extrassecurityzone.com/hitin.php?&affid=41000 Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 20 Keep-Alive: timeout=1, max=99 Connection: Keep-Alive Content-Type: text/html .................... Quote Link to comment Share on other sites More sharing options...
aloishis89 Posted January 27, 2010 Share Posted January 27, 2010 haha yeah, VM was the first thing I did. Time to see how secure that domain is... Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 27, 2010 Author Share Posted January 27, 2010 Yeah i'm done playing with it... could care less but just wanted to notify people Quote Link to comment Share on other sites More sharing options...
aloishis89 Posted January 27, 2010 Share Posted January 27, 2010 got a login prompt for ftp://extrasecurityzone.com, does anyone want to start running hydra on it? Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 27, 2010 Author Share Posted January 27, 2010 Couldn't ping. Got this: ping extrassecurityzone.com Ping request could not find host extrassecurityzone.com. Please check the name a nd try again. Quote Link to comment Share on other sites More sharing options...
aloishis89 Posted January 27, 2010 Share Posted January 27, 2010 i got that too, but I tried it on my netbook and got a reply from 193.169.13.200 Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted January 27, 2010 Author Share Posted January 27, 2010 IP: 193.169.13.200 IP Country: ip address flag Ukraine Quote Link to comment Share on other sites More sharing options...
criticalmass Posted January 27, 2010 Share Posted January 27, 2010 yea i just got this too. i was like wtf. Quote Link to comment Share on other sites More sharing options...
manuel Posted January 27, 2010 Share Posted January 27, 2010 not trolling, but there is a stickied post, in this section to be exact, http://hak5.org/forums/index.php?showtopic=15325 That asks uses to forward to a member of the moderation team. Quote Link to comment Share on other sites More sharing options...
COKEMAN Posted January 27, 2010 Share Posted January 27, 2010 Just FYI, sent the same as the OP from the same user. Quote Link to comment Share on other sites More sharing options...
screw_ball69 Posted January 27, 2010 Share Posted January 27, 2010 I got this as well. Quote Link to comment Share on other sites More sharing options...
G-Stress Posted January 27, 2010 Share Posted January 27, 2010 I just received this as well Quote Link to comment Share on other sites More sharing options...
moonlit Posted January 27, 2010 Share Posted January 27, 2010 Dealing with the offending users as we speak, don't click on the links. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.