
GeorgeS Site Infected


Hateborne
01-12-2013, 11:06 AM
I kept getting warnings about the site being infected. Every time I tried to wget the index.html, my company antivirus kept INSTANTLY deleting the file. I finally loaded up a VM Ubuntu, did a wget -m on the site, and found a nasty bit of code inserted into the bottom of the index.html file. It is resolving to a Russian site. Which actual infection set they are using, I cannot say for sure.

GeorgeS, if you are reading this (or if someone knows how to get in touch with him), your webserver has been tampered with and the index.html has been modified. I had a few other files throw up warnings of possible infections with ESET's NOD32. Sometime this weekend I will swipe all the files from your site, scan them, and dump the clean ones on my site (www.hateborne.com). I will create a folder named "georgeS" under the eqemu branch on my site for them.

Thanks in advance for checking into this.

-Hate
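
The kind of check the post above describes (looking through a mirrored copy for code added at the bottom of a page), as an added example that is not part of the original thread. It reads the files as text only and never renders or runs them; the host `tools.example`, the sample pages and the function names are constructed for illustration.

```python
import os
import re
from urllib.parse import urlparse

# script/iframe tags carrying a src attribute, and the closing </html> tag
TAG_SRC = re.compile(r'<(script|iframe)\b[^>]*?\bsrc\s*=\s*["\']?([^"\'\s>]+)', re.I)
CLOSE_HTML = re.compile(r'</html\s*>', re.I)

def find_suspicious(html, site_host):
    """Return (kind, detail) findings for one HTML document, read as text."""
    findings = []
    # 1. Anything other than whitespace after the final </html> was appended later.
    closes = list(CLOSE_HTML.finditer(html))
    if closes:
        tail = html[closes[-1].end():].strip()
        if tail:
            findings.append(("content-after-html", tail[:80]))
    # 2. script/iframe sources served from a host other than the site itself.
    for tag, src in TAG_SRC.findall(html):
        host = (urlparse(src).hostname or "").lower()  # relative URL -> no host
        if host and host != site_host and not host.endswith("." + site_host):
            findings.append(("external-" + tag.lower(), host))
    return findings

def scan_mirror(root, site_host):
    """Walk a mirrored tree (e.g. the output of wget -m) and report flagged pages."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith((".html", ".htm")):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = find_suspicious(fh.read(), site_host)
                if hits:
                    report[path] = hits
    return report

# Constructed sample pages: a clean one and the same page with a tag appended.
CLEAN = '<html><body><script src="js/menu.js"></script></body></html>\n'
TAMPERED = CLEAN + '<script src="http://injected.example/x.js"></script>\n'

if __name__ == "__main__":
    for label, page in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(label, find_suspicious(page, "tools.example"))
```

Run `scan_mirror` against the mirror directory inside the throwaway VM, so antivirus on the host does not delete the files mid-scan.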

c0ncrete
01-12-2013, 11:22 AM
it's been that way for some time, which is why he is hosted here now:

http://www.georgestools.chrsschb.com/

Hateborne
01-14-2013, 02:02 PM
Ah ok, thank you for the heads up. Can the other one be destroyed or brought down? (Or maybe have the provider simply forward the address to the new one?)

Or is there more of a story here? (a.k.a 'leave it be')


-Hate