• You're one step from joining Guitar Discussion Forum - The Fret.
    Create a free account to post, follow threads, and never miss an update.  Sign up free →

Blackhole Toolkit Attack from Forum's URL?

Guitar Discussion Forum - The Fret

Help Support TheFret.net:

wingsdad

Well-known member
Joined
Sep 30, 2007
Messages
1,486
Reaction score
0
City & State/Province
High & Dry, Southern California
I don't know what it is, or any other of that stuff...it's why a dummy like me has Norton's Internet Condom protecting my pc. But my first attempt to come here this morning resulted in this, as the Forum site was stopped from connecting:
BlackholeToolkitAttack061111_9A.jpg

I cropped off my web address info, of course...Am I reading this correctly, that the attacking computer URL somehow originated from here?
Anyone else have this happen?
 
I just now came online here and have never had that happen...also running norton.

Robert will probably be able to find out hopefully.
 
There's a lot of stuff about that rootkit on the Net. You might want to have whoever is in charge of The Fret's server check it out.
 
I get nothing from home or work. Of course, work spends more per month in network protection than my house is worth!

For home, I'm running the latest Norton for anti-virus, Zone Alarm for firewall, and Malwarebytes for anti-malware.
 
I ran the protector-avi.co.cc URL through Websense's ACEInsight search, but found no alerts for it. (I used to admin Websense for Waste Management, Inc.).

The URL might be misleading, so I wouldn't focus too much on it.
 
I upgraded the forum to the latest version.

Does this solve this issue?

I believe it was a CSS cross-site scripting attack, using an exploit in the forum software. This new upgrade should solve that - let me know please.
 
Back
Top