View previous topic :: View next topic |
Author |
Message |
colby
Joined: 06 Feb 2009 Posts: 1216
|
Posted: Tue Jun 02, 2009 1:24 pm Post subject: w32.fujacks virus threat |
|
|
John, your other thread re: the above is locked to all but admins, hence this.
The "W32.Fujacks!html" file is what's called an executable script and is malicious. It's most likely entered the bizhat server via an avatar or some other user-uploaded image file (the clue is in your report) and is therefore acting much like a trojan - but sitting on the web server rather than any visitor's computer.
However, I'd advise all users to do a virus scan as well, since the intention might be for it to propagate to all users who have accessed the relevant file.
Since you don't (I assume) admin your own server for R2OK, it's the responsibility of the host admin to flush this one out. They should have received an advisory from Apache (or whichever is the server software provider) and will be able to deal with it.
If you have root access to the space in which this phpBB2 install resides, you could try having a look in the relevant "theme/images" folder and search for the actual filename. You can then easily delete it.
For more info, trying Googling on "W32.Fujacks!", "W32.Fujacks!html" or "W32.Fujacks!htm" where you'll no doubt see loads of stuff. _________________ (signature and avatar removed, violated forum Rule 2.)
Last edited by colby on Tue Jun 02, 2009 1:30 pm; edited 1 time in total |
|
Back to top |
|
|
colby
Joined: 06 Feb 2009 Posts: 1216
|
|
Back to top |
|
|
RockitRon
Joined: 07 Dec 2006 Posts: 7646
|
Posted: Wed Jun 03, 2009 7:31 am Post subject: |
|
|
My Norton Security is telling me "Site is Unsafe" and details a trojan as well as the w32.Fujacks _________________ Ron |
|
Back to top |
|
|
John W
Joined: 07 Dec 2006 Posts: 3367 Location: Warwickshire, UK
|
Posted: Wed Jun 03, 2009 8:08 am Post subject: |
|
|
RockitRon wrote: | My Norton Security is telling me "Site is Unsafe" and details a trojan as well as the w32.Fujacks |
Yes I saw that as well today. I'll drop a note to the bizhat admin.
John |
|
Back to top |
|
|
John W
Joined: 07 Dec 2006 Posts: 3367 Location: Warwickshire, UK
|
Posted: Wed Jun 03, 2009 8:49 am Post subject: |
|
|
I have posted on the admin forum asking for bizhat to fix the two threats.
John |
|
Back to top |
|
|
colby
Joined: 06 Feb 2009 Posts: 1216
|
Posted: Wed Jun 03, 2009 8:54 am Post subject: |
|
|
I noticed that the server was offline for a while earlier - "address inobtainable". _________________ (signature and avatar removed, violated forum Rule 2.) |
|
Back to top |
|
|
John W
Joined: 07 Dec 2006 Posts: 3367 Location: Warwickshire, UK
|
Posted: Sun Aug 23, 2009 10:26 pm Post subject: virus alerts |
|
|
I and other members have noticed today a Norton alert/report 'site unsafe' and that there's a trojan in a bizhat site image file. I don't think the file/image is accessible on any of the R2ok pages.
I'd rather not go looking for it myself to delete, I'll drop another note to bizhat admin, though they should have had their own alert. |
|
Back to top |
|
|
Shaky Fan
Joined: 11 Dec 2006 Posts: 628
|
Posted: Sun Sep 20, 2009 6:01 pm Post subject: |
|
|
Just got the same message today! |
|
Back to top |
|
|
Shaky Fan
Joined: 11 Dec 2006 Posts: 628
|
Posted: Mon Sep 21, 2009 5:44 pm Post subject: |
|
|
Well it seems to have gone! The site is showing as safe now... |
|
Back to top |
|
|
|