| View previous topic :: View next topic |
| Author |
Message |
bassexpander
Joined: 13 Sep 2007
Location: Someplace you'd rather be.
|
 Posted: Wed Feb 10, 2010 5:33 pm Post subject: Beware of malware links in PM's on Gaijinpot |
 |
|
I got a private message on a chat board which contained the following link to a possibly malicious website:
http://security-tool2010.com
The actual private message alert came down in an e-mail as follows:
DO NOT REPLY TO THIS EMAIL!
***************************
Dear ********, [my name removed here]
You have received a new private message at Japan Forums from ForumModerators, entitled "Important message from the forum administration!".
To read the original version, respond to, or delete this message, you must log in here:
http://forum.gaijinpot.com/private.php
This is the message that was sent:
***************
Dear, [*********];masterspec;jprunner;VVV;dougiedd!
A virus alert was noticed on your computer.
We highly recommend you to check your computer and perform online virus check at our site immediately: http://security-tool2010.com/[********];masterspec;jprunner;VVV;dougiedd
----------------------------------------------------
Forum Administration forum.gaijinpot.com.
***************
Again, please do not reply to this email. You must go to the following page to reply to this private message:
http://forum.gaijinpot.com/private.php
All the best,
Japan Forums |
|
| Back to top |
|
 |
richardlang
Joined: 21 Jan 2007
Location: Gangnam
|
| Posted: Thu Feb 11, 2010 4:27 pm Post subject: |
|
|
| I got the same message on a movie discussion board a couple days ago. It's the same, right down to the usernames and semicolons. Report it to the real moderators/administrators is all I can think of. My message was sent from user "ForumAdministrator." I don't know how such a username could get by the people who run the board. |
|
| Back to top |
|
|
bassexpander
Joined: 13 Sep 2007
Location: Someplace you'd rather be.
|
| Posted: Thu Feb 11, 2010 4:38 pm Post subject: |
|
|
| I reported the links to Google and Firefox's browser site blocking service that keeps track of drive-by malware and such. Hopefully they have now blocked the site. |
|
| Back to top |
|
|
richardlang
Joined: 21 Jan 2007
Location: Gangnam
|
| Posted: Thu Feb 11, 2010 9:57 pm Post subject: |
|
|
It must be the latest kiddie (amateur hacker) script. I loaded the website within a secure browser. This is what comes up. It's a fake Windows XP facade that "scans" your computer for viruses. After the "scan" is done (it's just one big hoax) you're browser downloads a virus removal program named "install.exe."
http://i49.tinypic.com/2ikqdys.jpg
(This is SFW. It's just the screen capture of this fake virus program.) |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
