Posted on 08/09/2009 5:56:47 AM PDT by SvenMagnussen
On the night of July 31, I first noticed this alert at the website of Dr. Orly Taitz, Esq.:
On that date, July 31, 2009:
What happened when Google visited this site?
Of the 8 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-07-31, and the last time suspicious content was found on this site was on 2009-07-31.
Malicious software includes 2 scripting exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.
Malicious software is hosted on 3 domain(s), including cybercrime-protection.cn/, mcafee-malware.com/, security-alerts.cn/.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including security-alerts.cn/.
(Excerpt) Read more at ohforgoodnesssake.com ...
My Firefox No script killed it good.
But if FR itself is infected, then I am b/c I allow scripts on FR...
WHat AV are you running?
Norton on that machine. Never have had that problem before or since.
Hackers get into your web site. Happens fairly easily with the software we have out there now. They typically install malicious links to spyware sites. Now if they can get code installed on the server, typically by uploading a file that gets executed through a security hole, they can actually put fake bank login screen files on your site. Then your users get those files on their computers if they go to your site with some weak anti-spyware and weak firewalls. Now you have malicious bank fraud files on the user computers. It ended up on my computer and they had a fake bofa login screen when I was doing my online banking. I know it came from my hosted server because I found the code and have saved it to a cd. They even had a directory called bofa on my hosted server. Now get this, I could not delete the files even though it was my site. Permission denied. Had to have the server admin guy use probably root privileges and delete the malicious software. I know the software could steal your bank login info because it stole mine and they tried to post a ~$2,000 check to my bofa account. That account has not had a check posted in 3 years. I don't even have any physical checks. It was my paypal bank account where paypal dollars was swapped into US dollars. So I told the bank immediately it was fraud and they put a hold on it. The hackers did not get any money and although the bofa internet fraud people were busy and never called me back, the fraud check posting eventually disappeared. I think that made the hackers mad. So they returned to my hosted site two weeks later, and even though all passwords were changed and all hacked files removed, we got an attack in the middle of the day. Again they uploaded the bofa files. This time however I suspect that they anonymously informed bofa, or bofa was watching the site. Because bofa fired off a email right away to the hosting service. Basically said their trademark has been violated and fraud had occurred and the hosting server had 24 hours to shut the site down and replace it with a link to web page that basically said anyone who had accessed the site could have been screwed. Now my hosting service did not link to that page and just shut down the site. Got an error when you accessed it. Now all this occurred over about a 3 to 4 hour period. The site was gone before I even had another chance to clean it up. So knowing that, you have to be very careful when using your computer to access online financial accounts. Perhaps an IT expert can see if that possibly could have happened with your particular situation.
Please delete above post.
Please delete post 45.
Thanks for deleting the previous bad link Admin Moderator. You guys are fast.
George Soros’s son is sitting on Google board.
I use Dog Pile search engine most of the time. They helped a US serviceman bring back 2 pups from Iraq.
Do not use Google. Dogpile I think uses Google but they do not log your searches as far as I know.
and that is exactly why I don’t use Google and if I do, I go thought an anonymous server to use Google.
George Soros’s son is sitting on Google board.
Would some one care to identify which one of these board members is Soros’s son......
http://www.google.com/intl/en/corporate/execs.html
Don’t use Google....EVER unless you go through another server. I chech my registry daily to make sure there is nothing named Google in it. If there is, I delete the registry key.
Are you saying FR posters were infected or the FR website is now infected? I went to that site with Firefox and none of my programs detected anything. However, it’s possible my spyware doctor that runs all the time blocked it because I have it set to block automatically and not to notify me. It blocks and takes care of it automatically.
Don’t know about this particular situation, but from what I can tell FreeRepublic appears to be a very well run and secure site. The fact that users are not allowed to upload files here and can only post links means that any worse case serious infections will probably not come through this site. My postings and warnings on this thread were about a non-political business website that I was running which was a worse case hijacked scenario.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.