back to article Hackers turn Cleveland into malware server

Tens of thousands of websites belonging to Fortune 500 corporations, state government agencies and schools have been infected with malicious code that attempts to engage in click fraud and steal online game credentials from people who visit the destinations, security researches say. At time of writing, more than 94,000 URLs …

COMMENTS

This topic is closed for new posts.
  1. Joseph Helenihi
    Coat

    Vulnerable

    "Ullrich said he was unsure where the vulnerability lies in the latest round of attacks."

    Hope he, or someone, puts the fix on soon.

    In the meantime, I for one welcome our new malware injecting, website hacking, game password stealing overlords.

    >coat >door >taxi >home >bed >covers >cringe

  2. Anonymous Coward
    Pirate

    Looks like Chinese, sounds like Chinese.....

    "indicating the attackers were fluent in Chinese"

    Is this the new PC way of saying: Chinese criminals?

  3. Jason Rivers
    Happy

    what about us...

    ...bearded linux users.... they didn't think of that :)

    now, if you'd all be so kind as to leave MS in the distance behind, the world can be a better place for all.

  4. Anonymous Coward
    Alert

    that Chinese-based registrar

    Most of the recent wave of spam I've seen was connected to sites registered by this alleged "registrar". Maybe we should start redirecting all of that spam to a Chinese Embassy somewhere?

  5. Anonymous Coward
    Anonymous Coward

    "fluent in Chinese"

    Oh yeah? And I'm fluent in American.

  6. Karl Lattimer

    American?

    American? I didn't know that was a language, but there again, I always thought that the language spoken by the Chinese was mandarin...

  7. Sandra Greer
    Unhappy

    Don't talk to that registrar..

    The written language is Chinese. The spoken languages are whatever-- Mandarin is just one. It's a great cultural strength that the written language is available, more or less, to all literates, whatever they speak. So an evil registrar with website in Chinese has pretty much the reach as an evil registrar with website in English.

  8. GreyWolf

    Block the malware

    Over on The Other Site That Shall Not Be Named, someone posted a way to prevent yourself getting infected.

    1. Use Firefox

    2. Add the Adblock Plus extension (worthwhile regardless)

    3, Add this string as a new filter in Adblock Plus

    http://*.uc8010.com/*

    Let us all know if you get infected anyway.

  9. Christopher E. Stith
    Alert

    A way that's a pain but works with more browsers than just FF (on XP)

    These will work for XP unless there's a hostname other than uc8010.com and www.uc8010.com in use.

    1. Open the file \windows\system32\drivers\etc\hosts on your main Windows drive (usually C:)

    2. in the left-hand column, put something unrouteable, like 10.0.0.2 or better yet 127.0.0.2

    3. hit tab, maybe a couple of times

    4. in the new column, put uc8010.com

    5. tab over again

    6. put in www.uc8010.com

    6b. you can put a comment in if you want, anything after '#'' is disregarded to the end of the line

    7. save the file

    8. flush your DNS (ipconfig /flushdns at the command line) and restart your net apps, or reboot the system

    I understand there's more to editing your hosts file on Vista, but I haven't done that so GIYF if you choose to go this route on that.

  10. Quirkafleeg
    Boffin

    Unrouteable addresses

    192.0.2.0/24 (192.0.2.1 to 192.0.2.254) is guaranteed unrouteable.

This topic is closed for new posts.

Other stories you might like