Today I was reading my usual blogs and forums and when I tried to open one of the sites I got a white screen with the words "Red Eye ownz you! by W4n73d".
Any one know what this means?
Richard S. you might keep an eye out for any unusual site activity.
What Is This: Red Eye Ownz You! by W4N73D
Hi Beemerboy!
I know you from popupportal.
I got that same (Red Eye ownz you! by W4n73d) message when updating a page on popupportal this morning.
I do believe it is a virus, although I've found very little information on it. I found the link to your post here by doing a google-search on the 'red eye' thing.
I also found a link with other information concerning this, and how to fix it. Since I have a Mac, it doesn't apply to me. If you want this information, send me an email to: [email protected] and I'll forward it to you.
Anyway, popupportal seems to have been hit by some malware/virus, or something evil and sinister! Jeez...
Kim
I know you from popupportal.
I got that same (Red Eye ownz you! by W4n73d) message when updating a page on popupportal this morning.
I do believe it is a virus, although I've found very little information on it. I found the link to your post here by doing a google-search on the 'red eye' thing.
I also found a link with other information concerning this, and how to fix it. Since I have a Mac, it doesn't apply to me. If you want this information, send me an email to: [email protected] and I'll forward it to you.
Anyway, popupportal seems to have been hit by some malware/virus, or something evil and sinister! Jeez...
Kim
Last edited by Kim Ciara on Sat. Apr. 01, 2017 2:09 am, edited 2 times in total.
Reason: <removed dead link>
Reason: <removed dead link>
-
Black_And_Blue
- Member
- Posts: 1303
- Joined: Sun. Dec. 21, 2008 12:09 pm
- Location: a rock and a hard place
- Hot Air Coal Stoker Stove: Alaska 140
This thread just got interesting......
-
Richard S.
- Mayor
- Posts: 15243
- Joined: Fri. Oct. 01, 2004 8:35 pm
- Location: NEPA
- Stoker Coal Boiler: Van Wert VA1200
- Coal Size/Type: Buckwheat/Anthracite
Someone probably hacked the server, I'd avoid the site until you know it's been cleaned up.
There's literally thousands if not tens of thousands of attempts on a daily basis to hack this server but it's not unique, every site/server has the same thing happen. They are usually looking for an exploit, you'll find all kinds of requests for non existent files where they are looking for scripts that are exploitable. That's besides all the attempts to login into email, FTP and other services.
It's all automated, the same IP might make a request for 200 pages within a very short time. Same thing with the services. They'll try to use common usernames and passwords. That's why it's important to always use good passwords.
If in the event anyone ever sees anything unusual here please contact me immediately.
There's literally thousands if not tens of thousands of attempts on a daily basis to hack this server but it's not unique, every site/server has the same thing happen. They are usually looking for an exploit, you'll find all kinds of requests for non existent files where they are looking for scripts that are exploitable. That's besides all the attempts to login into email, FTP and other services.
It's all automated, the same IP might make a request for 200 pages within a very short time. Same thing with the services. They'll try to use common usernames and passwords. That's why it's important to always use good passwords.
If in the event anyone ever sees anything unusual here please contact me immediately.