RedsZone Malware Attack Discussion

[Screwball]

Quote:

Originally Posted by KronoRed

Get ready for some paranoid blame to be thrown your way

I have no idea if a Cardinals fan attacked the site or not, but I don't think it's unreasonable to suspect that it was. In fact I'd say that's more being logical than paranoid.

[MikeThierry]

Quote:

Originally Posted by Screwball

I have no idea if a Cardinals fan attacked the site or not, but I don't think it's unreasonable to suspect that it was. In fact I'd say that's more being logical than paranoid.

Its not unreasonable yet at the same time to jump to conclusions about it would be folly as well. I have been a member of other forums in the past that have had malware attacks simply because it is a hacker at the other end just playing a game. This is a rather popular forum so it could be any number of people.

[Boss-Hog]

Quote:

Originally Posted by MikeThierry

Its not unreasonable yet at the same time to jump to conclusions about it would be folly as well. I have been a member of other forums in the past that have had malware attacks simply because it is a hacker at the other end just playing a game. This is a rather popular forum so it could be any number of people.

That's all true but without getting into details, what I do know at this point is that if something was secured properly (outside of our control), this all is a non-issue.

[Mario-Rijo]

Quote:

Originally Posted by KittyDuran

Well it attacked my computer here at work... and my boss is still working on it...

Ouch, that's no good. Sorry to hear it. My Boss would likely have a major meltdown, we are very big on security and we aren't supposed to be surfing.

[KittyDuran]

Quote:

Originally Posted by Mario-Rijo

Ouch, that's no good. Sorry to hear it. My Boss would likely have a major meltdown, we are very big on security and we aren't supposed to be surfing.

It wasn't a problem since I was surfing on Saturday before going to the game... And I sent him an email from my IPhone right then so he would have a heads-up.

[Boss-Hog]

Quote:

Originally Posted by KittyDuran

It wasn't a problem since I was surfing on Saturday before going to the game... And I sent him an email from my IPhone right then so he would have a heads-up.

So it sounds like this happened on Saturday? If so, I'm not positive the attack was from this site - not say it couldn't be, but everything I've seen indicated Sunday or later would've been the days to cause a potential infection. Regardless of whether it was due to this site or not, I'm sorry to hear about it, Kitty.

[smith288]

DONT USE IE. Especially the older versions. Horrible horrible browser.

[smith288]

Quote:

Originally Posted by Tony Cloninger

I was at my parents. I was browsing the site and on accident clicked an advertisement......and then it was like a mess. Virus this and that. Computer wiped out all my parents info.

Here I am....a 40 year old man getting yelled at by his parents...."BUT it wasn't porno that I was looking at, Mom!"

I have an Apple and they warn you NOT to go into this site...less you be infected by a Malware Attack.

If you have an Apple, how did you get malware installed?

[Boss-Hog]

Quote:

Originally Posted by smith288

If you have an Apple, how did you get malware installed?

I think he's saying he has an Apple, but he was at his parents when it happened and they presumably do not have an Apple.

[Tony Cloninger]

Quote:

Originally Posted by smith288

If you have an Apple, how did you get malware installed?

Parents do not have an Apple......they have a computer that gets more viruses than the Middle Ages and always seems to have a problem with anything.

[mikdavrut]

Quote:

Originally Posted by Boss-Hog

So it sounds like this happened on Saturday? If so, I'm not positive the attack was from this site - not say it couldn't be, but everything I've seen indicated Sunday or later would've been the days to cause a potential infection. Regardless of whether it was due to this site or not, I'm sorry to hear about it, Kitty.

It happened to me on Sat. as well. Like I mentioned, I left my browser open, computer running & was on this site, then left for a friends house to watch the game and when I came back home, it got NASTY. Sounds like this other person got infected close to game time as well just like I did? I'm pretty sure the attack/malware definitely came from this site and happened on Sat. Might not have gotten the warnings until Sunday, but the attacks seem to have actually taken place/started right before/around/during gametime on Sat.

Hopefully everything is good now. That was one NASTY piece of malware even doing all of the Rkills/Malwarebytes/etc, it finally took 2 uses of Hitman Pro to get rid of the google-redirect (redirects ALL search engine hits to fake sites unless you use the "cache" option which was the only way I could search the web and figure out exactly how to get rid of all of this crap).

Oh yeah, to the person who says their parents comp. is completely wiped out, it's NOT. You need to get rid of the malware and use unhide.exe. It made ALL my files disappear as well as my desktop icons...everything. This particular malware hides all of your files so that it will appear as though your HD has failed. Those files are still there (just "hidden" by the malware), so hopefully your parents haven't gone out and paid for a new computer or anything like that.

[Boss-Hog]

If the attack did indeed come from this site, which is definitely possible, I sincerely apologize, even though I've confirmed it was through no fault of our own (meaning GIK and I). I should mention that there were plenty of others that visited the same during the same time period (including myself, against my better judgement, in order to try to fix the problem) and were not infected. In the above poster's case, not keeping your antivirus and anti-malware programs up to date and running regular scans makes you much more susceptible to a situation like this - whether that be on RedsZone or anywhere else on the internet. Again, I'm not saying this is in any way your fault, but that would be my take away from this experience.

[Mario-Rijo]

So Boss as far as you can tell was it an infection here or just a false alarm? I can't figure out if I need to take any steps here. I don't appear to be having any problems just had that darn message continuously pop up everytime I clicked on a link here.

[mikdavrut]

Quote:

Originally Posted by Boss-Hog

If the attack did indeed come from this site, which is definitely possible, I sincerely apologize, even though I've confirmed it was through no fault of our own (meaning GIK and I). I should mention that there were plenty of others that visited the same during the same time period (including myself, against my better judgement, in order to try to fix the problem) and were not infected. In the above poster's case, not keeping your antivirus and anti-malware programs up to date and running regular scans makes you much more susceptible to a situation like this - whether that be on RedsZone or anywhere else on the internet. Again, I'm not saying this is in any way your fault, but that would be my take away from this experience.

Boss-Hog, please don't think in ANY way whatsoever that I blame you or RedsZone for this...it isn't your guys fault whatsoever. It's just one of those things that happens. And yes, me not keeping my antivirus, etc. up-to-date and running made me EXTREMELY susceptible. I was actually thinking I might not have gotten it from RZ, but 3 ppl. who all seemed to become infected the same day/around the same time makes me almost 100% certain that it came from here. I think it's just too much of a coincidence to think otherwise.

But once again, it's NOT your fault and I'm NOT upset w/you or w/Redszone....nothing like that at all. So no need for you to apologize about it Boss!

Alls well that ends well, and thus far, it appears as though, if I have not gotten it 100% entirely, I've gotten rid of most of it and most everything that it disrupted on my computer. I have Thursday off, so I'm going to take some time Thursday night and go through my computer quite intensely, making sure that I either have it 100% done away with or that I get whatever aspects might possibly be left of it.

One thing I am no longer going to do is leave my computer running 24/7. Up until this happened, I NEVER shut my computer off (only when going away on vacation, etc. where I would be away for like a week or better), but otherwise, my computer ran all the time. Now, anytime I leave or am going to be away from it for a while, I go ahead and shut it down. I've really narrowed out a lot of programs I had that were set to "start up @ start up" which could make starting my computer up seemingly take FOREVER, but now, I only have like one prog. the starts @ start up, so it takes no-time for my computer to boot up now which makes shutting it down/rebooting up no big deal now.

I hope the guy that said all of his parents files got wiped out reads this thread and tries the unhide.exe prog. - I would hate to see his parents "lose" their files, thinking they're gone when the malware has simply "hidden" them. I've had a HD crash before and lost hundreds and hundreds of files and I darn well KNOW what a total pain in the butt that is. It can be a damn near nightmare to be honest, depending upon how many/what type of files you have. Kinda makes a person give serious thought to signing up for one of those "Carbonite" type programs! They're pretty inexpensive and if a HD DOES actually fail, they have all of your files backed up for you! I very well might go ahead and sign up for one of those services, I just think it would be worth every penny!!!

Oh yeah Boss, thanks for keeping us all updated on this as well!

Take Care man!

[Boss-Hog]

Quote:

Originally Posted by Mario-Rijo

So Boss as far as you can tell was it an infection here or just a false alarm? I can't figure out if I need to take any steps here. I don't appear to be having any problems just had that darn message continuously pop up everytime I clicked on a link here.

I think it was a legit infection and that two or three people received a malware attack would seem to confirm that. I don't think there's anything you need to do except use EXTREME caution if, God forbid, something similar were to happen again that causes the warning to appear (in Firefox and Chrome...it did not appear in IE, which is another issue altogether). Otherwise, the only other advice I have is what's already been mentioned and is good practice for anyone using the internet (not just in the situation we had): have antivirus and anti-malware scans automatically run on a frequent basis and ensure the definitions are always kept up to date.

GIK and I have some work to do that is going to take some time and goes beyond "just" this malware attack, but one of the end results of that work, once completed, is to ensure something like this never happens again.