Virus / Malware on Interplay site.

Posted: Thu Jan 15, 2009 7:48 am
by Gekko71
Some a***hole attempted to install a virus / malware onto my computer through IE when I went to visit the Interplay site this evening. My copy of Avast intercepted the worm before it got very far - it was trying to redirect me to XXXXXXXXXXXXX

I checked my computer to see if it was me - all clean. I refreshed the site and got the same thing. TWICE! It could be isolated to my ISP, but then why didn't the same thing happen with other sites??

Not sure how they went about this, but it might be an idea to avoid Interplay.com for a while till they track down the problem.

(...that, and stop using IE! :x :x )


EDIT: Good point DCrazy - link gone.
Posted: Thu Jan 15, 2009 8:27 am
by Sniper
They may have used SQL injection. Happens all the time when sites use query strings (like the one you see in the URL above right now) and don't put proper checking in the code.

Happened to a bunch of older ASP Web sites where I worked last. They have bots that just hammer the Web sites looking for an inroad, then when they have it, they're able to query the DB and find the tables they want, then they can execute code (like putting redirect URLs on dynamic content driven pages).
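
Added example, not part of Sniper's post or of any site's actual code: a Python/sqlite3 illustration of the missing query-string check described above, with the unchecked query beside a validated, parameterized one. The `t` parameter, the `topics` table and its rows are constructed for illustration.

```python
import sqlite3
from urllib.parse import parse_qs

def make_db():
    """Constructed sample data: a tiny 'topics' table behind a dynamic page."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE topics (id INTEGER PRIMARY KEY, title TEXT, hidden INTEGER)")
    conn.executemany(
        "INSERT INTO topics VALUES (?, ?, ?)",
        [(1, "Welcome", 0), (2, "News", 0), (3, "Staff only", 1)],
    )
    return conn

def topic_param(query_string):
    """Return the raw value of the (hypothetical) 't' query-string parameter."""
    return parse_qs(query_string).get("t", [""])[0]

def fetch_unsafe(conn, query_string):
    # No checking: the parameter text becomes part of the SQL statement itself,
    # so extra SQL in the URL changes what the WHERE clause means.
    sql = "SELECT title FROM topics WHERE hidden = 0 AND id = " + topic_param(query_string)
    return [row[0] for row in conn.execute(sql)]

def fetch_safe(conn, query_string):
    raw = topic_param(query_string)
    # Check 1: accept only a short, plain ASCII decimal number.
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        raise ValueError("topic id must be numeric")
    # Check 2: bind the value as data so it cannot alter the statement's structure.
    sql = "SELECT title FROM topics WHERE hidden = 0 AND id = ?"
    return [row[0] for row in conn.execute(sql, (int(raw),))]

if __name__ == "__main__":
    db = make_db()
    crafted = "t=1+OR+1%3D1"  # constructed input: decodes to "1 OR 1=1"
    print("unsafe:", fetch_unsafe(db, crafted))  # hidden row is returned too
    try:
        fetch_safe(db, crafted)
    except ValueError as err:
        print("safe: rejected,", err)
```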

Posted: Thu Jan 15, 2009 11:27 am
by Xamindar
On or around Jan 5th there were enormous amounts of attacks like this launched it seems. Where I work we have had a flood of customers calling in with disappearing email and failure daemon notices to people they never emailed to. So someone has been able to capture a lot of account info.

I guess just another warning (if the huge IE security hole found a little while ago wasn't warning enough) of the terrible things that can happen from using internet exploder.

Posted: Thu Jan 15, 2009 7:46 pm
by TechPro
Actually, I'm not surprised this sort of thing happened. Consider:
1) Interplay is in the (possibly futile?) attempt to revive itself from the ashes. They're a little short on funds.
2) Having a full (sufficient) IT staff that coincidentally "know their stuff" will usually cost serious bucks (but worth it if you're serious about your business).
3) When a business is in "startup" mode (or in this case, re-startup) often your attention is high on securing business and funds for growth and development while you run things a bit on the "lean" side until you have more than two coins in your pocket to rub together.

No surprise if they had not been covering all the details.

Posted: Fri Jan 16, 2009 10:42 am
by DCrazy
Gekko, please remove the link to the offending site from your post. Not only might someone click on it, but you are contributing positively to its Google pagerank by linking it from here.

Posted: Fri Jan 16, 2009 2:14 pm
by Duper
Incidentally, I'm done using FF and Google. I'll be trying Opera and Ask.com for a while for the example you just gave DCrazy. (sorry for the detour)

Has anyone else tried the site in the last couple of days?

Posted: Fri Jan 16, 2009 2:42 pm
by Spidey
I never use Google, Google is evil.

So, if someone searches “Google is evil” will they get this page?

Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. :evil:

Posted: Sat Jan 17, 2009 1:43 am
by EngDrewman
Spidey wrote: I never use Google, Google is evil.

So, if someone searches “Google is evil” will they get this page?

Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. Google is evil. :evil:

Well, given the choice between Google or Microsoft, I side with Google. Yes, Google collects way more information about their users than they should, but they promote open-source software and free code whereas Gates has always been a promoter of proprietary code, DRM, and just restricting what you can do with computers in general.

And btw Duper, Ask.com has gotten a little shady in my book - one wrong move there and you could land yourself a malware infection.