Dat Phan Online
                      The homesite and meeting place of Dat Fans everywhere

Switch to Flash Forum
This topic is locked: you cannot edit posts or make replies.
Man your virus scanners!
Dat Fan Newbie

Joined: 23 Sep 2004
Posts: 2
Reply with quote
BEWARE OF FORUM VIRUSES
They are going around in avatars & signatures.
They appear as "red x's"
And contain(cant give you the whole url) the word smile in the url.
Th url link leads you to a page named "You are an idiot"
The virus self-installs by just reading a post with one of these images.
HOWEVER,
I forum found with this virus was also linked to this forum. THERE's A GOOD CHANCE THIS FORUM MIGHT BE NEXT

If this virus is discovered please email
Virus Control
Gmail Division 1
viruscontrol [at] gmail [dot] com

Thnks for reading
Virus Control
Field Crew
View user's profileFind all posts by InSaNeSend private messageSend e-mail
Tech Info For Trogen JS.Offiz
Dat Fan Newbie

Joined: 23 Sep 2004
Posts: 2
Reply with quote
Payload Trigger: n/a
Payload: n/a
Large scale e-mailing: n/a
Deletes files: n/a
Modifies files: n/a
Degrades performance: n/a
Causes system instability: Everytime an infected browser gets closed, it opens up six more with the same characteristics.
Releases confidential info: n/a
Compromises security settings: n/a
-----
When JS.Offiz is executed, it performs the following actions:


Opens a specified .swf file, which moves around the screen.


Traps the Alt, F4, Ctrl, and Del keys so that the user can not close the browser using standard keyboard commands.


When any of these keys are pressed, the script will generate the following message:

If the user closes the browser using the mouse, the script will open six other browsers with the same characteristics
-----
We Recomend
Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
----
Special Thanks:


Virus Control: Field Crew.

Eric Komar

Network Solutions.
----
Virus Control
For more info on this virus: viruscontrol[at]gmail[dot]com

_________________
Eric
View user's profileFind all posts by InSaNeSend private messageSend e-mail
Re: Tech Info For Trogen JS.Offiz
The Internet King
The Internet King

Joined: 13 Aug 2003
Posts: 1832
Location: Ehland (Canada)
Reply with quote
That's one nasty virus. Shocked Thanks for the info. I have a few questions though. Do you really get infected by the virus just by viewing the thread that contains the signature!? Doesn't phpbb block scripts and even html from operating on the page!? And what forum software was this infected forum with a link to Dat Phan Online using?
View user's profileFind all posts by userSend private messageAIM AddressYahoo MessengerICQ Number
Man your virus scanners!
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT - 8 Hours  
Page 1 of 1  

  
  
 This topic is locked: you cannot edit posts or make replies.