

POUET.NET is hacked / infected with a javascript worm

category: general [glöplog]
hermes: you prolly have to disable XP 'System File Protection' before being able to rename/erase those dll.

the browser plugin architecture is essential to give browsers more multimedia features, you can hardly skip using adobe reader or adobe flash ones...
added on the 2008-02-03 14:08:39 by Zest Zest
I agree with Flash, but the adobe reader plugin is just annoying, it takes ages to load here and it's so fucking slow...
Not that I use my PC all that much any more, but still.. Yay. :)

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
added on the 2008-02-03 14:10:57 by gloom gloom
Did they put a logic bomb in the trap-door?
added on the 2008-02-03 14:26:49 by kusma kusma
Zest: Thanks for the info but I think I'll leave it enabled. I just wondered how a Plugin for a 3rd party browser is considered a core system file by XP ;)

Concerning the multimedia browser experience: IMHO things like video players, games etc. do not belong in a browser. While I'm the occasional YouTube visitor myself, I would not mind installing a YouTube player for that..or maybe a better solution would be to have a standard VM like Java or .NET ..OTOH in their current forms I wouldn't want to use these because they take ages to start up and/or consume too much memory..(haven't looked at .NET that much but the drawback with that of course is that it's basically designed for Windows (APIs..))

I also think that the whole scripting thing in today's browsers is overdone, why the hell would someone want to use a word processor or HTML editor written in JavaScript ?! seriously, give me a break!

But hey, since the Intarnet is the Next TV..nobody really cares.
I for one am looking forward to The Mainstream OS 2030, completely written in ECMAScript 10.x and running in a browser !
added on the 2008-02-03 14:35:15 by xyz xyz
Saga Musix: 0_0 your MBR has been hacked by the German mafia.

Besides, remove the stuff in the plugins folder of Adobe Reader to speed it up, or use another PDF reader like FoxIt.

hermes: You know that any browser will let you turn off all plugins if you want. But it's not 100% safe, remember the WPF exploit ( thank you MicroSoft ) or the PNG buffer overflow exploit in LibPNG.

If you REALLY want to be safe, you should also disable images, and scripting, and make sure to use the latest version of your browser ... or maybe just use Lynx or surf through TCPDump
added on the 2008-02-03 14:41:02 by p01 p01
or don't visit the internet at all!
I just wondered how a Plugin for a 3rd party browser is considered a core system file by XP ;)
added on the 2008-02-03 14:45:07 by p01 p01
I for one am looking forward to The Mainstream OS 2030, completely written in ECMAScript 10.x and running in a browser !
To the time machine!
added on the 2008-02-03 14:49:43 by masterm masterm
Saga Musix - that MBR is the same as mine and I didn't have the pop up. I think it is just something that happens when you use fixmbr. Don't panic about that message.
added on the 2008-02-03 14:51:31 by Gmitts Gmitts
p01: Apparently Firefox won't let me turn them off so simply or maybe I am missing the obvious ?! I was very surprised to not find any dialogs that would let me activate/deactivate plugins..

Of course you are right that there always is a certain risk (images, faulty HTML engines etc.) but my point was just that I'd prefer to minimize the risk by removing all the non-essential stuff from a browser. If you look at the history of exploits (not just PCs, also consoles for example), backdoors often were found where they were least expected !

..and you might laugh but several years ago I used to surf with lynx/links quite a lot (back when I still had a 56k modem)

added on the 2008-02-03 14:56:17 by xyz xyz
masterm: Exactly, the cracks are already beginning to show!11

Not that anyone gets me wrong, using VMs for applications is a very good idea..but why put it all into a web browser !
added on the 2008-02-03 15:00:11 by xyz xyz
hermes, you can remove those file viewers like Acrobat Reader easily in the settings, but i don't know about <embed>ded Code.
hermes: you seem to ignore the web/net evolution : many business/mainstream services that don't need hardcore calculation/visuals have been webified because of so many obvious reasons. As poi said, Lynx is still available for people who want text-only pages :>

in the near future with IPv6 we should see more and more industrial machines and everyday life ones communicating with each other, beyond the classical servers... think about the security concern! O_o Superscamp is sure to stay busy ;)
added on the 2008-02-03 15:02:40 by Zest Zest
hermes: Dunno about FF, but in Opera it's Tools > Preferences > Advanced > Content > [_] enable plugins
added on the 2008-02-03 15:03:58 by p01 p01
do you get paid for every time you mention opera on pouet or smth? :P
I wish.
added on the 2008-02-03 15:25:48 by p01 p01
Saga Musix: I think these settings are only for the MIME types, things like DivX Webplayer/Uploader, Java and VLC player(I think) didn't show up there

Zest: Yes it probably is a security nightmare already..even without the browser bugs (the weakest link in the security chain is most often found in front of the monitor ;)) and it's not that I want 1995 back, I just think that web browsers are a bit overdone and one of the reasons for that is probably that the W3C web standards are designed by brainiacs who sometimes seem to miss what ppl really want (e.g. a weblication like Google Mail for example should not require heavy JavaScripting)..but that's a different rant :)
Flash is now the only plugin I kept but I don't really like the fact that it even exists because it's basically proof that W3C standards just don't cut it when it comes to simple animation/eye candy stuff (there must be a way to get that while still keeping pages indexable and accessible for disabled persons!)

p01: I could swear having seen something like that in earlier versions of Netscape..and yes, Opera rocks, don't know why I am still using FF, must be the force of habit
added on the 2008-02-03 15:36:08 by xyz xyz

I tend to agree with
the W3C web standards are designed by brainiacs who sometimes seem to miss what ppl really want (e.g. a weblication like Google Mail for example should not require heavy JavaScripting)..but that's a different rant :)
Hopefully it seems that they have seen the light with ARIA and there seems to be a move towards properly spec'd web applications.
W3C standards just don't cut it when it comes to simple animation/eye candy stuff (there must be a way to get that while still keeping pages indexable and accessible for disabled persons!)
I believe it's called SVG ;) heck, even JS done right can deliver what you want and remain accessible.

added on the 2008-02-03 15:42:44 by p01 p01
p01: Don't get me started on SVG :) Even its simple profile is way too bloated IMHO. Basically, it's a good thing but I still haven't seen any sites that demonstrate that SVG is a real alternative to SWF (i.e. I have only seen SVG being used to display static vector graphics but according to its specs it should be possible to create a real game with just SVG+JS).
heck, even JS done right can deliver what you want

are you sure about that? My web programming days are over (since ~5 years) but last time I checked you couldn't just set the alpha and blend function for a div, at least not in a portable way. Do you have any examples for e.g. a game or demo written entirely in JS+HTML (not to prove anything, I am just being curious) I think I have seen a Mario platformer once but it was quite slow
Concerning ARIA: Seems to be a move in the right direction

ah yes..and this is of course very off topic, we should better stop at this point or move to another thread :)

added on the 2008-02-03 16:09:47 by xyz xyz
Don't think a thread about web standards based demo stuffs would interest many people. Couldn't see any contact info in your pouet account, mail me if you want to go on.
added on the 2008-02-03 16:17:01 by p01 p01
Does NoScript protect you?
yes since the first step of the worm is / was using JavaScript to load something ( we haven't seen due to the 404 since saturday afternoon-ish ) using an exploit to install a trojan / whatever
added on the 2008-02-03 16:27:26 by p01 p01
I'm always interested in web standards based demo stuffs.
added on the 2008-02-03 16:34:47 by raina raina
so am i.

EyeChess is not graphically heavy but it's definitely cool to play a chess game based on js only (and why not ajax, as the AI moves could be computed on a deep blue server ;)
added on the 2008-02-03 16:43:32 by Zest Zest

