back to article Hackers turn Cleveland into malware server

Tens of thousands of websites belonging to Fortune 500 corporations, state government agencies and schools have been infected with malicious code that attempts to engage in click fraud and steal online game credentials from people who visit the destinations, security researches say. At time of writing, more than 94,000 URLs had …

COMMENTS

This topic is closed for new posts.
Coat

Vulnerable

"Ullrich said he was unsure where the vulnerability lies in the latest round of attacks."

Hope he, or someone, puts the fix on soon.

In the meantime, I for one welcome our new malware injecting, website hacking, game password stealing overlords.

>coat >door >taxi >home >bed >covers >cringe

0
0
Pirate

Looks like Chinese, sounds like Chinese.....

"indicating the attackers were fluent in Chinese"

Is this the new PC way of saying: Chinese criminals?

0
0
Happy

what about us...

...bearded linux users.... they didn't think of that :)

now, if you'd all be so kind as to leave MS in the distance behind, the world can be a better place for all.

0
0
Alert

that Chinese-based registrar

Most of the recent wave of spam I've seen was connected to sites registered by this alleged "registrar". Maybe we should start redirecting all of that spam to a Chinese Embassy somewhere?

0
0
Anonymous Coward

"fluent in Chinese"

Oh yeah? And I'm fluent in American.

0
0

American?

American? I didn't know that was a language, but there again, I always thought that the language spoken by the Chinese was mandarin...

0
0
Unhappy

Don't talk to that registrar..

The written language is Chinese. The spoken languages are whatever-- Mandarin is just one. It's a great cultural strength that the written language is available, more or less, to all literates, whatever they speak. So an evil registrar with website in Chinese has pretty much the reach as an evil registrar with website in English.

0
0

Block the malware

Over on The Other Site That Shall Not Be Named, someone posted a way to prevent yourself getting infected.

1. Use Firefox

2. Add the Adblock Plus extension (worthwhile regardless)

3, Add this string as a new filter in Adblock Plus

http://*.uc8010.com/*

Let us all know if you get infected anyway.

0
0
Alert

A way that's a pain but works with more browsers than just FF (on XP)

These will work for XP unless there's a hostname other than uc8010.com and www.uc8010.com in use.

1. Open the file \windows\system32\drivers\etc\hosts on your main Windows drive (usually C:)

2. in the left-hand column, put something unrouteable, like 10.0.0.2 or better yet 127.0.0.2

3. hit tab, maybe a couple of times

4. in the new column, put uc8010.com

5. tab over again

6. put in www.uc8010.com

6b. you can put a comment in if you want, anything after '#'' is disregarded to the end of the line

7. save the file

8. flush your DNS (ipconfig /flushdns at the command line) and restart your net apps, or reboot the system

I understand there's more to editing your hosts file on Vista, but I haven't done that so GIYF if you choose to go this route on that.

0
0
Boffin

Unrouteable addresses

192.0.2.0/24 (192.0.2.1 to 192.0.2.254) is guaranteed unrouteable.

0
0
This topic is closed for new posts.

Forums