david johnson Posted October 7, 2011 Report Share Posted October 7, 2011 Keep getting a message from my virus protection that byyb.org contains a virus and it will not let me on. I think i was actually on the site when something happened. Can't get on to it from home or work computer. Anyone know anything about this? Quote Link to comment Share on other sites More sharing options...
Barry Pyeatt Posted October 7, 2011 Report Share Posted October 7, 2011 Ditto, think it has been hacked and the attempt is to spread to everyones computers that are linked to the BYYB Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 7, 2011 Report Share Posted October 7, 2011 Are you still getting the message? There were some javascript errors (I think), and the site was down, but it is back up now. It scans clean: Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 7, 2011 Report Share Posted October 7, 2011 Overnight, I installed a CentOS linux, cPanel approved virus scanner on the server, and checked all of the BYYB files for viruses. Everything seems clean. Please let me know if your browsers are still identifying any threats on the BYYB site. All messing-about and HOSTkabob.com hosting customers are on the same server. Customers can find a new "Virus Scan" icon in cPanel to scan their site anytime. Or contact me and I can do it for you. Scanning is a resource intensive activity, so try to do it during an off-peak time. Like the middle of the night! Quote Link to comment Share on other sites More sharing options...
Al Stead Posted October 8, 2011 Report Share Posted October 8, 2011 My browser keeps asking me if I want to allow the website to open a program on my computer. the program is from mefvkbnmmcp.com. What the heck is this? Al Quote Link to comment Share on other sites More sharing options...
PAR Posted October 8, 2011 Report Share Posted October 8, 2011 mefvkbnmmcp.com is a known "attack" site, so stay off it. Most browsers will automatically warn you if you have any reasonable amount of threat protection. BYYB did act funny last night, but seems fine now. Thanks Frank (again) . . . Quote Link to comment Share on other sites More sharing options...
ChrisObee Posted October 8, 2011 Report Share Posted October 8, 2011 Yes there is still a problem with BYYB. AVG warns of some sort of exploit. Its not a virus Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 8, 2011 Report Share Posted October 8, 2011 Yes, there is something there that I'm still not catching. I found "Malicious Toolbox 9" exploit code in many of the files and cleaned those last night. Because it isn't actually a virus, the virus scanner is not picking it up. But now Chris is finding another exploit. I think I'll need to take the site down temporarily. I have an ill aunt I'm helping this morning, so it will be tonight or Sunday before the site is back up again. Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 8, 2011 Report Share Posted October 8, 2011 The site has been taken down with a "Maintenance" page put up. I expect to be able to have it back up by tomorrow night (or sooner, depending on how it works out with my aunt this morning). Chris, if you get a chance can you visit the home page and see if AVG picks anything up? I want to make sure the exploit isn't coming from elsewhere on the server. Quote Link to comment Share on other sites More sharing options...
ChrisObee Posted October 8, 2011 Report Share Posted October 8, 2011 Sorry I am in Buffalo and out of contact other than from my iPod. Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 8, 2011 Report Share Posted October 8, 2011 Not a problem, Chris. I did find an on-line tool that is identifying the injected code. Now I just have to slog through it! Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 9, 2011 Report Share Posted October 9, 2011 I did the initial clean up and have the site back up (mostly). I'll follow up with Craig about what needs to be rebuilt, but the Forums and the Gallery should be working now. I will run the scan every few hours to see if a re-infection occurs. I still haven't found the source of the original infection. If it re-occurs, I'll put up the maintenance page again and see if I can identify the source. Quote Link to comment Share on other sites More sharing options...
smoolie671 Posted October 10, 2011 Report Share Posted October 10, 2011 I'm just gonna throw this out there. You really should switch to linux. I switched over a year ago, and have had absolutely 0 problems with infections. I can go onto any site now without fear of screwing up my computer. I can even make it look like the latest version of windows if so desired. I use the ubuntu version. There may be better versions of linux out there, but ubuntu is my favorite so far. If your just looking for a reliable way to browse the web, then this is the best. Not to mention, it's free!!!! Just my 2 cents worth. Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 11, 2011 Report Share Posted October 11, 2011 I'm just gonna throw this out there. You really should switch to linux. I switched over a year ago, and have had absolutely 0 problems with infections. I can go onto any site now without fear of screwing up my computer. I can even make it look like the latest version of windows if so desired. I use the ubuntu version. There may be better versions of linux out there, but ubuntu is my favorite so far. If your just looking for a reliable way to browse the web, then this is the best. Not to mention, it's free!!!! Just my 2 cents worth. The server is linux (CentOS, the opensource version of RHEL). The BYYB account was infected with a linux-specific piece of malware (well, actually, it was a javascript vulnerability, I think, but it could easily have infected your Ubuntu system). A Linux desktop does enjoy "security through obscurity", since very few hackers are writing malware to target them. Its a little different for the server market, as most of the web servers are Linux. You are probably safer with Linux than with Windows or even the Mac, but you still have to be careful. I'm looking at a new job in another city, and if I get it, I'll be "commuting" (heading there Monday morning, staying until Friday night and driving home). If I do that, I'll set up an inexpensive Ubuntu system for my temporary home (or buy another laptop). Quote Link to comment Share on other sites More sharing options...
smoolie671 Posted October 11, 2011 Report Share Posted October 11, 2011 Hmmm, I did go on their site within the last few days. So far I haven't seen any problems with my system yet. I'll keep an eye on it though. It's always nice to see people using linux. What I love is the fact it's free, and if something did screw it up, all I have to to is wipe it and start fresh. I keep all of my files backed up on a separate drive. About 14 months ago I got so infuriated with windows and all of the virus problems. With what was left functioning on my system, I took the leap, and downloaded ubuntu. I never looked back. I have it installed on all of my computers, and none of them have had a problem yet. Quote Link to comment Share on other sites More sharing options...
Frank Hagan Posted October 11, 2011 Report Share Posted October 11, 2011 Hmmm, I did go on their site within the last few days. So far I haven't seen any problems with my system yet. I'll keep an eye on it though. It's always nice to see people using linux. What I love is the fact it's free, and if something did screw it up, all I have to to is wipe it and start fresh. I keep all of my files backed up on a separate drive. About 14 months ago I got so infuriated with windows and all of the virus problems. With what was left functioning on my system, I took the leap, and downloaded ubuntu. I never looked back. I have it installed on all of my computers, and none of them have had a problem yet. Ubuntu is great. The only caveat is that some devices, like cameras and webcams, don't interface well with linux. You just have to make sure whatever you buy has drivers for it. I actually have Ubuntu running XBMC for my media center PC and it is super stable. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.