Malware in Uploaded Images in Threads on the Hype

Midnyte_Sun · Feb 12, 2011

I've noticed an increase in malware threats blocked from visiting pages in the Hype. It doesn't happen to my knowledge, in the main home page, but in the boards specifically threads that may use uploaded images.

On this page, there is only one uploaded image, and I believe the image has malware uploaded through it also:

Warning: Don't Click if you don't have Malware blockers installed:

http://forums.superherohype.com/showthread.php?p=19632962#post19632962

It seems to be linked to uploaded images using:

h.ttp://shareimage.ro

Looks like the Malware it wanted to run was "Palladium" Anti - Virus, which is a malware disguised as an anti virus. More info about it can be found here:

http://www.precisesecurity.com/rogue/palladium-antivirus/

Midnyte_Sun · Feb 12, 2011

Here's another image/file uploader that has Malware attached to it:

h.ttp://mkserver.ru

( I put an extra period to it to make the link invalid)

Hotwire · Feb 12, 2011

Um, what is the thread it's in? I'm not clicking the link, but would also like to avoid that thread all together.

ComicChick · Feb 12, 2011

also if you are getting any weird popups or anything like that, please screen cap them.

Midnyte_Sun · Feb 13, 2011

Hotwire said:
Um, what is the thread it's in? I'm not clicking the link, but would also like to avoid that thread all together.

Both those image uploader sites were used in the same thread on the new Mortal Kombat game in the Game Section, titled:

Mortal Kombat XI returns to its bloody roots - Part 1

Comic Chic,

The window basically says that WIndows has detected a trojan virus and that you should install Palladium Anti Virus. The only problem is, if you decline, it installs anyways because it won't let you get out of that window. Once it installs, it will restart your PC and it won't let you access your desktop until you buy their product (which is not a real anti virus).

ComicChick · Feb 13, 2011

ill let the techies know

Midnyte_Sun · Feb 13, 2011

Comic Chick,

The window looks like this:

MalwareBytes picked this info up:

Midnyte_Sun · Feb 15, 2011

Any updates on the viruses via image hosting servers?

Morg · Feb 16, 2011

I think it's just you, no other complaints

LegendaryCaleb · Feb 16, 2011

happened to me a week ago tryin to open a pic uploaded...cant remember the thread though

Midnyte_Sun · Feb 17, 2011

Morg said:
I think it's just you, no other complaints

You're joking right? Ad servers and image hosting servers have been targeted by hackers in order get their malware into people's PCs. Even Google Images is infected.

Besides, since when has image hosting sites from Romania and Russia (like the ones used in that thread I mentioned) been known for their 'security' and 'safety?'

ComicChick · Feb 17, 2011

i've seen odd things coming from ImageShack of late

LegendaryCaleb · Feb 18, 2011

yeah thats where it hit me...imageshack

Midnyte_Sun · Feb 19, 2011

So, so far the culprits are:

imageshack.us
shareimage.ro
mkserver.ru

Have any of you used Picoodle?

Midnyte_Sun · Feb 26, 2011

This came out a while back, but it's more reason to have protection against malware:

Malware delivered by Yahoo, Fox, Google ads

Found in ads delivered from those networks was JavaScript code that Avast dubbed "JS

rontexi," which Avast researcher Jiri Sejtko said is a Trojan in script form that targets the Windows operating system. It looks for vulnerabilities in Adobe Reader and Acrobat, Java, QuickTime, and Flash and launches fake antivirus warnings, Sejtko said.

Read more: http://news.cnet.com/8301-27080_3-20000898-245.html#ixzz1F5dNr1cS

Morg · Feb 28, 2011

Alexs Jems said:
Now all you need to do is create an FTP account, and then login to the account using your browser by using this format.

______________________

Oh shut up bot

Midnyte_Sun · Mar 13, 2011

I just got an unauthorized attempt to download an 'app' via my Android 2.2 while browsing through images on the "What Hypesters Look Like" thread.

NHawk19 · Mar 21, 2011

I dont know about images I just tried to hit the games forum and got a window of possible infection. I'm running all kinds of scans now.

Catman · Mar 22, 2011

Midnyte_Sun said:
It looks for vulnerabilities in Adobe Reader and Acrobat, Java, QuickTime, and Flash and launches fake antivirus warnings, Sejtko said.

I just got one of those in the Family Guy thread. I remember last year we were having issues with the same exact problem. A few people were complaining about it.

Franklin Richards · Apr 11, 2011

Been getting this alert lately.

Any ideas?

:doom:

Midnyte_Sun · May 2, 2011

Thid thread. Should be merged with the other one about malware.

Midnyte_Sun · May 29, 2011

Just got another trojan attack while browsing through the Hype. I was on the thread:

Darthphere's House of Style: From Geek to Chic. when I got this warning:

Gotham Knight · May 29, 2011

Are we supposed to PM the Hype Administrator? I wish it were more clear how we're supposed to take action.

ComicChick · May 30, 2011

by posting in this thread and supplying as much backup info (details, screencaps, threads seen in, etc), the staff can give more info to the site owner who can then relay to those who can fix these problems

Gotham Knight · May 30, 2011

ComicChick said:
by posting in this thread and supplying as much backup info (details, screencaps, threads seen in, etc), the staff can give more info to the site owner who can then relay to those who can fix these problems

Gotcha.

Malware in Uploaded Images in Threads on the Hype

Medianoche de Sol

Medianoche de Sol

Dealin' W/ Demons

I Work Too Much

Medianoche de Sol

I Work Too Much

Medianoche de Sol

Medianoche de Sol

Grumpy mod

Superhero

Medianoche de Sol

I Work Too Much

Superhero

Medianoche de Sol

Medianoche de Sol

Grumpy mod

Medianoche de Sol

insert witty comment

Avenger

Avenger

Medianoche de Sol

Medianoche de Sol

Watchful Protector

I Work Too Much

Watchful Protector

Users who are viewing this thread

Forum statistics

Share this page