Author Topic: 'Survivor' site contains malicious code  (Read 2628 times)

0 Members and 1 Guest are viewing this topic.

Offline Texan

  • Robs Bestest Angel
  • RFF Global Moderator
  • RFF Frantic Poster
  • *****
  • Posts: 6436
  • Groovy!!!
'Survivor' site contains malicious code
« on: August 18, 2004, 12:07:15 PM »
I copied this post by Rob in the support thread.  I wanted to give the heads up in this board also as most people reading this board may be concerned.  thanks.

We at RFF are just warning you about this site. If you decide to check out this site, then you are doing so at your own risk, and the staff at RFF takes NO responsibility for your actions or any damage incurred to you or your computer!

Code embedded in a site likely to be surfed by fans of the 'Survivor' TV show takes advantage of known software flaws

A Web site likely to attract fans of the CBS-owned television series Survivor could contain a nasty surprise for its visitors.

The site, owned by a party that has licensed the word "survivor" in a top-level US domain -- not linked to the television network -- today contained a smorgasbord of malicious code embedded in HTML scripts.

A concerned Web user alerted ZDNet Australia about the site after noticing that content on the site had triggered his antivirus software.

Users who visit the site without adequate antivirus protection on their PCs are at risk of being infected by three Trojans coded into scripts maliciously embedded in its content: VBS/Psyme, Debeski and Java Script/IE.startgen.d.

The Trojans take advantage of known exploits in Microsoft ActiveX, Internet Explorer and Java virtual machine.

While antivirus vendors only rank the script Trojans as moderate or low risks, they may be designed to prompt a computer accessing the site to automatically download a secondary payload from another location on the Internet.

At this stage antivirus vendors that ZDNet Australia has approached have not revealed what the payload is, but miscreants have recently contrived similar forms of attack into maliciously designed HTML emails MessageLabs detected this month.

Offline RudyRules

  • RFF's Maturest Angel.
  • RFF Donor
  • RFF Frantic Poster
  • *****
  • Posts: 7814
  • S1's Rudy Rocks!!
Re: 'Survivor' site contains malicious code
« Reply #1 on: August 19, 2004, 12:41:54 AM »
So what site is it??!   ?:)? ?:)?


Offline Brown Guy

  • RFF Sr. Member
  • ****
  • Posts: 391
    • My Site!
Re: 'Survivor' site contains malicious code
« Reply #2 on: August 19, 2004, 05:18:56 PM »
Im wondering myself, ha flaws in a Microsoft product thats rediculous  ::) lol.
A rumor without a leg to stand on will get around!
~John Tudor

Offline puddin

  • **puddinpiepork**
  • I Live at RFF
  • *****
  • Posts: 85453
Re: 'Survivor' site contains malicious code
« Reply #3 on: August 19, 2004, 06:06:04 PM »
snewse (from SNN )r said its survivor.com...