View Full Version : A possible security breach notification!...


akinrog
December 5th, 2006, 06:45 PM
A few moments ago, my Norton antivirus package (apparently completing an update) gave an alert on the WinRAR software I had downloaded a long time ago from where I don't remember (most probably P2P networks) and have been using for a long time, saying that it contains a worm called W32.Fujacks.A.

It might be a false alarm, but I just want to warn other members of this situation. If you have downloaded a file called "wrar330.exe", which is the installer of WinRAR, please be careful with it!...

Anybody using this application (which had been probably downloaded from P2P networks together with a crack therefor) must be careful and check his/her computer for virii.

Better careful than sorry. Regards.

FUTI
December 6th, 2006, 02:01 PM
Thanks akinrog for the fast notification, and I hope it is a benign problem. I had a similar problem last year and notified the forum through a member whose e-mail I have. I had a problem logging in at the time and feared it was some kind of keylogger (it wasn't, but as you said, better safe than sorry), so I didn't wish to compromise the forum's safety. IIRC it was posted in the forum matters section and not the water cooler like this one. Does the forum have a policy on that? Mega, NBK, do you have some advice?

Maybe an e-mail address (or panel) where we could send a request to temporarily disable our account until further notice, with a partial report from the AV program attached to it, would be a good idea. Maybe Mega can even use the forum software to put the account name/pass under scrutiny at our request and send the login/logoff times and IP numbers to our e-mail so we can compare them and say whether there is something fishy going on. What would be the best thing to do if we trace that ID theft (besides paying someone 50$ to break the knuckles of the guy who stole our password so he can't type for a while - hm, that would be an interesting membership fee :D)? We can change the pass maybe, but so can the thief before us at that moment using the user CP. Should we then send an e-mail to Mega to set us a new password and send it to us through e-mail? How would Mega know who is who?... Now I'm going in circles. :) Small problem = big headache.

nbk2000
December 6th, 2006, 02:38 PM
We never delete a member's account, only disable it, so you can always come back.

And members can't edit or delete their own posts past a short time, so no one's posts can 'vanish'.

Now, an imposter could take over your account, if you were careless enough to lose your account, but what could they do with it? Post k3wL formulas?

OK, 'you' get banned. Sign up for a new account.

You could bother an admin with an e-mail and plead innocence, and we might look to see if the IP's are different, but likely not.

Too many times we've had people plead 'hacker/little brother used my account' as an excuse for stupidity that they later regretted.

It's on YOU to secure your account against sabotage and hijacking, not ours.

Also, where's your PGP key? How could you prove that you were a certain member and not an imposter without it?

Staff is far more paranoid about any irregularities in our computers because our accounts can fuck up the whole board, not just ourselves.

I just had a little incident where it looked like one of my external HDD's got infected with ransomware (had only one file listed called 'dead letter box' wi-fi music in russia.html), and so I immediately notified staff and took other precautions.

Turns out (so far) to have just been a problem with my firewire controller, but I'm still investigating it to be sure.

We don't need to be notified every time a member gets a virus, as we'd be running a separate forum section just for that, as common as I'm sure it is.

Exceptions would be any files downloaded from the FTP, or linked to here on The Forum, such as the rapidshares, or a posted website running malicious scripts.

These could be considered as a targeted attack against us, in an attempt to gain privilege escalation.

This is what staff needs to be IMMEDIATELY notified about, but not by public posting, as that could warn the attacker that they've been discovered.

Better is to notify admins by private message, with a link to the offending post.

Or, if on the FTP, the name of the file on the FTP and a PM to TMP, since he's the one running the FTP, as well as RS admins.

c.Tech
December 6th, 2006, 09:34 PM
and we might look to see if the IP's are different, but likely not.


That leads me to a question about something that worries me, IP's.

If the forum was to be taken down by, let's say, some government agency, would they be able to gain access to our IP's and tip off other countries' governments? I'm speaking about on the peak of the new world order that doesn’t look pretty for the forumites if 'they' have our IP's.

ShadowMyGeekSpace
December 6th, 2006, 10:31 PM
They would have access to the IPs, yes.

rayman
December 6th, 2006, 10:55 PM
If the forum was to be taken down by, let's say, some government agency, would they be able to gain access to our IP's and tip off other countries' governments?

Simple answer .... YES ....

The forum admin will not even know that they are being logged by their provider. Heck, I am sure that there is an American agency logging this post within minutes of its posting. They are so anal about watching over everyone's shoulder and with the content of this forum. But that is neither here nor there as long as you keep your experiments just that: EXPERIMENTS.

I think at this point in time you are allowed to learn, you are allowed to experiment with chemicals, as long as you do not repeat a successful experiment several times knowing that the resulting reaction creates any chemical on your country's banned/restricted chem list. But I am only speaking for the country I reside in. Your laws may be different.

Points to think about

nbk2000
December 7th, 2006, 02:48 AM
The government's taps run at a higher level than your local ISP.

Big Brother has specialized routers connected directly to the TELCO's backbones, monitoring essentially 100% of all IP traffic in/out of the continental US, and something like 10% or more of the interstate traffic.

So your ISP is irrelevant, and your IP is already had, so you're fucked if They want you.

So you either operate under the assumption that you're watched and they're coming for you, in which case you don't even visit this site.

Or, you assume they're too busy with bigger fish, and operate under the level of Federal interest, meaning your APAN banger doesn't exist as far as BB is concerned, unless you're stupid enough to set it off in a government building.

Nihilist
December 7th, 2006, 03:03 AM
Yep...you can bet they monitor everything that goes through this site, PM's included. But even if you were planning to rob a bank, I doubt they would bother with you because the kind of intelligence gathering they're doing isn't exactly legal. It's just not worth it for them to use it against anyone other than terrorists or spies, even big-time "normal" crimes are probably caught regularly and go unreported by the Echelon guys.

c.Tech
December 7th, 2006, 08:55 AM
Or, you assume they're too busy with bigger fish, and operate under the level of Federal interest, meaning your APAN banger doesn't exist as far as BB is concerned, unless you're stupid enough to set it off in a government building.

After they have caught the bigger fish I assume they will be coming for the smaller ones, especially if that smaller one was talking about governments and informational possible terrorist attacks which could occur.

Eliminate all that pose the slightest threat so you can have your perfect little utopia... WITH SLAVES!!! :mad: But I guess it's necessary to protect us from evil terrorists as they do ;) :rolleyes:

rayman
December 8th, 2006, 05:31 PM
There will always be bigger fish, but what they will do (IMHO) is pass along the chem info to the people that like to ban everything...

Always remember that anyone here can be "the man". It can be anyone, new member or old. If you don't think they are here then you are underestimating your enemy. Assume they read this board. Not trying to scare anyone off from posting anything, but let's get real here: the longer you have been here, the more that you have left behind for them to find.

I for one can cross check several forum boards in a day to find out what a single person has said. I did this not long ago to find the answer to a question that I had about a process. If I can do this, anyone can.

Jacks Complete
December 9th, 2006, 05:03 PM
This is why we keep personal info out of posts, we don't sign up with real names, and we don't arrange "meet-ups", etc.

Yes, the CIA and others are chomping at the bit to get the currently illegal searches and wiretaps they do all day every day made legal, so they can expand the powers they have, get a bigger budget, and eventually take over the world, but currently, they aren't able to. People are slowly realising the government is playing a shell game that we, the people, cannot win.

Yes, you can be hit for incredibly petty things, and hit hard. They love it! It's what gets them wet. Sending you down for 2 years or life for being a tit with an AP charge, or a terrorist with an IED is what gets them a bonus.

The danger is that they will catch you bang to rights, stuff in your hands. Beyond that, the danger is marginal.

Sausagemit
December 11th, 2006, 01:42 AM
The only harmful thing Norton ever found on my computer was the key generator I used to crack Norton's autoupdate feature. It called it a "Malicious Hack Tool" :D.

If anybody really wanted to find out who I was, it really wouldn't be too hard. The problem of actually doing something malicious to me or my computer would actually be very hard. I keep a very tight watch on all the processes that are currently running on my computers and other things going on around me. I'm a very suspicious person and I notice almost everything. I'm the guy who will go to a movie and say "the stupid bitch only moved the shift lever down 2 notches, which would have put her in neutral rather than drive. God damn I hate automatics."

Seriously though, anybody could find out who I am and where I live in under an hour just using the internet. I just don't give people the incentive to track me down and do some harm.

megalomania
December 11th, 2006, 05:57 PM
Let’s not fall under the assumption that everything here is illegal, and that everyone is breaking the law. Reading about this stuff is perfectly benign, and basic chemical experimentation is also legal (offer void in Kalifornia and Texass). Certain despotic nations worried about a coup might forbid the evil Internet, but the English speaking world isn’t that far along (yet). If you are up to no good, well you should be worried.

Nihilist
December 11th, 2006, 06:56 PM
All it takes is 1 0day exploit and a rootkit to nail even the most security conscious computer user. Being vigilant will protect you from the script kiddies, worms, viruses, etc. that infest the everyday internet, but when someone with money and power (e.g. fedgov) wants you, they've got you.

Crypto can help, but cryptography is only as secure as the passphrase used to encrypt it. If you have all your HD's encrypted with a 10 billion bit long key, and the best pass phrase ever...but you have to type the thing in every time you boot up, all they've gotta do is intercept your keystrokes for a few days before serving their warrant to seize your drives.

IMO, the best way to deal with this stuff is to keep your shit as secure as you can...but ultimately, always have an explanation at the ready in the event anything on your computer should be discovered, and if you have content on there that could get you in trouble that there is no excuse for having, seriously consider getting rid of it.