Question anyone else getting a virus warning while visiting the site today?
- Thread starter BlackMarketMagi
- Start date
rollerboi
Sr Member
How odd. I'm on Firefox, using a mac, with the "Block attack sites" options checked, and I don't seem to be having a problem. At all. Not yesterday, not today. I've gotten zero warnings. The only thing I've got going is that "Enable Adblock Plus" is on, perhaps that is what is helping?
On my iMac I got this alert using Safari to log in
but I get no alert with firefox and got into the rpf site
Warning: Suspected phishing site.
The web site you are visiting has been reported as a "phising" website. These web sites are designed to trick you into disclosing personal or financial information, usually by creating a copy of a legitimate website,
And I got this on a google search
Warning - visiting this web site may harm your computer!
Suggestions:Return to the previous page and pick another result.Try another search to find what you're looking for.
Or you can continue to http://www.therpf.com/ at your own risk.
Malware Warning
jme3
Sr Member
It's happening again for me this morning. I don't know much about viruses and that sort of thing but this is what my anti-viral software listed for this attack:
Attacking Computer: darthererandom.co.cc 213.5.64.191, 80
Attacker URL: darthererandom.co.cc/forum/fwjqxzkofsilfwivg.php
Attacking Computer: darthererandom.co.cc 213.5.64.191, 80
Attacker URL: darthererandom.co.cc/forum/fwjqxzkofsilfwivg.php
exoray
Master Member
And people wonder why virues, trojans and malware spread so fast... :wacko :wacko
It's really no wonder after reading this thread...
PEOPLE GET A CLUE, THE SITE HAS BEEN COMPROMISED! UNTIL IT'S CLEANED THE MALWARE IS STILL THERE, SWITCHING BROWSERS , DISABLING THE WARNING POP-UPS IS JUST PLAIN STUPID AND SERVES NO PURPOSE! TAKE A DAY OFF OF THE RPF AND HOPEFULLY THE STAFF GETS THE INFECTED FILES OFF THE SERVER, UNTIL THEN GO OUTSIDE AND ENJOY THE WEATHER...
From my experience these types of attacks originate from someone with FTP access and saved FTP passwords on their computer for this site, they likely download a Trojan that will read the stored passwords, access the site and inject code into random files on the server... That or there is an injection code exploit on one of the scripts on the server... In either case until the hole is discovered and closed, and the site is sanitized visiting the site is only likely contributing to the problem...
If you must visit the site run your browser in a sand box (like I am) so that it's contained, and you are not contributing to the problem...
Better yet just go out and enjoy the weather, or get some work done...
It's really no wonder after reading this thread...
PEOPLE GET A CLUE, THE SITE HAS BEEN COMPROMISED! UNTIL IT'S CLEANED THE MALWARE IS STILL THERE, SWITCHING BROWSERS , DISABLING THE WARNING POP-UPS IS JUST PLAIN STUPID AND SERVES NO PURPOSE! TAKE A DAY OFF OF THE RPF AND HOPEFULLY THE STAFF GETS THE INFECTED FILES OFF THE SERVER, UNTIL THEN GO OUTSIDE AND ENJOY THE WEATHER...
From my experience these types of attacks originate from someone with FTP access and saved FTP passwords on their computer for this site, they likely download a Trojan that will read the stored passwords, access the site and inject code into random files on the server... That or there is an injection code exploit on one of the scripts on the server... In either case until the hole is discovered and closed, and the site is sanitized visiting the site is only likely contributing to the problem...
If you must visit the site run your browser in a sand box (like I am) so that it's contained, and you are not contributing to the problem...
Better yet just go out and enjoy the weather, or get some work done...
That was indeed the case. Hole found and patched.
For anyone who is unfamiliar with sandboxing, I would recommend:
Sandboxie - Sandbox software for application isolation and secure Web browsing
We thought we had this handled yesterday, but there were a couple that slipped under the radar. We now have those last few rounded up and are making final checks to ensure everything is good.
If you were hit with Malware, we recommend you use the following the clean your system. Make sure you update to the latest virus set.
Malwarebytes
Darth Gius
Active Member
I looked at one thread yesterday and it completely hosed one of my boxes. Even in safe mode I can't run anything to get rid of it. I'm sure I'll get it fixed later this week when I get back home, bu what a pain in the ass.
KnightAsylum
Sr Member
System clean here, but still happening today when I visit the site.
Onkelpsycho
Sr Member
Same here. no malware found on my PC, but RPF still attacks... I tale already a day off... :lol
mrsmartypants
Well-Known Member
The problem still exists as of 1:00 PM PST Today....
scarf man
Master Member
Wow!
This totally screwed my laptop. (posting from my iPhone)
I've had the machine since 2000 & this is the first time since then I've had to reinstall the OS due to virus attack.
I couldn't even boot in safe mode.
I didn't lose much data, thanks to backups.
I hope whoever did this rotts in heck. :angry
This totally screwed my laptop. (posting from my iPhone)
I've had the machine since 2000 & this is the first time since then I've had to reinstall the OS due to virus attack.
I couldn't even boot in safe mode.
I didn't lose much data, thanks to backups.
I hope whoever did this rotts in heck. :angry
Last edited:
I was able to log in without any problems just now (18:15 hours EDT) for the first time since sometime Friday.
I guess some good came out of this...downloaded Avast and Google Chrome.
I guess some good came out of this...downloaded Avast and Google Chrome.
SSgt Burton
Sr Member
I used this site for step-by-step on how to remove "Security Tool" from my PC:
(The site is safe as well as all links/downloads there)
www.bleepingcomputer.com/virus-removal/remove-security-tool
My computer is back to normal now but when I visit the RPF I'm kinda like...
Kevin
(The site is safe as well as all links/downloads there)
www.bleepingcomputer.com/virus-removal/remove-security-tool
My computer is back to normal now but when I visit the RPF I'm kinda like...
Kevin
Are we safe now? Avast found nothing on my computer, but I'm still a little nervous.
Similar threads
