Jump to content

Recommended Posts

Posted

Anyone experience a hijack on this site this morning ? As I clicked on "jwsound.net" I was redirected to "blackinternet.se" where an exe file "activate.exe" was trying to run. Norton Internet Security stopped the file from running and put in in quarantine. Anyone else have this experience ?

Posted

I have the full url for the site if you if you want to look into it. All other sites I have in favoriites worked fine including cinemaSound. Just noticed right now when I click on the link "discussion group" in cinemaSound I'm redirected to blacketinternet

Posted

I bet this is a DNS (domain name server) problem, where somebody hacked into the DNS that ve7kr is using and that's redirecting to this other weird site.

There's always the possibility he has a virus that's trying to force his browser to go to other sites. I would not trust Norton Internet Security if I were you. I would install the entire Microsoft Security Essentials package (which is free), disconnect the computer from the net, and run that and see what you find. (I'm also a big fan of Nod32, which is very good.)

It seems like there are more and more really, really nasty viruses out there. To me, this is yet another reason to get... well... that "other" computer.

--Marc W.

Posted

There's always the possibility he has a virus that's trying to force his browser to go to other sites. I would not trust Norton Internet Security if I were you. I would install the entire Microsoft Security Essentials package (which is free), disconnect the computer from the net, and run that and see what you find. (I'm also a big fan of Nod32, which is very good.)

--Marc W.

I'm betting on this as well. Are you using Internet Explorer?

Posted

Just tried another computer,windows based same problem. I never share files with the two machines and they are not connectet to each other in any way, both computers are up to date with security features,have used norton for over 12 years and never had a problem that it didn't catch. The "redirect" seems to come and go all day. Some of the links on CinemaSound site "Discussion Group and Jeff Wexler's blog"  cause the redirect as well. Member Jeff Babb had the same problem as well,and looks like he is running a mac system. So I don't think there is a problem at my end,but somewhere in the system,maybe the server the site is hosted on, but that that doesn't explain why the CinemaSound site would have the same problem,i would think it is hosted on a different server. If need be,I will go to the computer stores tomorrow and try several different computers both Mac and PC to prove the problem is not at this end.

Phil

Posted

Marc, you may be right about it being a DNS hack... or it could be a hack at the server level.  I just tried going to www.lunarpages.com, which is the web host for www.jwsound.net... because I was going to refer one of my website clients to them and I want to look up prices... but instead of going to the Lunarpages website, guess what page loaded.  Yup... www.blackinternet.se.  It could be DNS or it could be that the zone files at Lunarpages have been hacked.  One way to test out which it might be is for other people here to go to www.lunarpages.com right now.  it's 6:45 pacific time and I'm on the TimeWarner system, so if other users on TimeWarner are getting the same thing right now, but non-TimeWarners users are not... then we know it's a DNS hack.  If everyone is getting redirected right now, then it could still be a DNS or a Lunarpages hack.

Laurence

Posted

Just tried another computer,windows based same problem. I never share files with the two machines and they are not connectet to each other in any way, both computers are up to date with security features,have used norton for over 12 years and never had a problem that it didn't catch. The "redirect" seems to come and go all day.  - snip -

Phil

I think we can rule out any local infection since this has occurred on at least 2 computers, a Windows PC and a Mac, different ISP's and different browsers. I am hoping that Laurence A. can shed some light on this. Laurence is my go to guy for any and all of these web things. One question to you, Phil, how are you able to get onto this site properly so as to post the message above? The re-direct is arbitrary and intermittent?

- Jeff Wexler

Posted

Lunarpages has been hacked.  Here is what they say:

"We are currently experiencing an issue with our Las Vegas datacenter  that appears to be in our nameservers. Our techs are aware that sites  are being redirected elsewhere and are working on it as quickly as  possible. We will let you know once it is corrected. Unfortunately, we  cannot provide an ETA."

Laurence

Posted

Lunarpages has been hacked.  Here is what they say:

"We are currently experiencing an issue with our Las Vegas datacenter  that appears to be in our nameservers. Our techs are aware that sites  are being redirected elsewhere and are working on it as quickly as  possible. We will let you know once it is corrected. Unfortunately, we  cannot provide an ETA."

Laurence

Thank you Laurence for the detective work! So, there is the answer, we'll just have to be patient. Isn't the Internet great!

-  Jeff Wexler

Posted

Lunarpages now says it's been fixed... "We really apologize for the inconvenience. One of server IP addresses got  spoofed we already took measures for that to not happen in the future."  ...although I'm still seeing the re-direct when I go to www.lunarpages.com.  But that could be caused by dns-caching at the ISP.  If the problem is truly fixed, it should be all cleared up for everyone within a few hours when the DNS servers have all refreshed.

Laurence

Posted

"One question to you, Phil, how are you able to get onto this site properly so as to post the message above? The re-direct is arbitrary and intermittent?"

  That's the crazy thing Jeff it was intermittent all day and well into the night,I went to bed about 2AM: One moment the site was fine and 5Min: later a redirect.  That's why when I went to my second computer that has never shared files With this one,or been remotely connected to it,the problem wasn't at my end. The only internet sites the two computers would have in common would be google,norton,jwsound and cinemasound.

Phil

Posted

Robert,when your redirected to "blackinternet" site,it sends a little payload to your computer in the form of an EXE file. See my screen shot ! My Internet Security "norton" was able to stop it before it unpacked itself.

Phil

Posted

Robert, you got the same redirect at 695.com that some visitors to jwsound.net have experienced.... which is not surprising because 695.com and jwsound.net both share the same web host, Lunarpages which got hacked over the weekend, resulting in the redirects that people have been experiencing.  Your report of 695.com redirects is the first I've heard.  For reasons not clear, the jwsound.net redirects were occurring intermittently but Lunarpages now reports that the problem has been corrected.  Having said that, it's possible that some redirects will continue to occur for a brief time, while ISP's with cached domain name servers await a refresh.  Robert, you should be able to reach 695.com if you try it now.  Please let me know if that's not the case.

Laurence

Posted

Sadly enough .se is Sweden... :(

 

Reading the "black internet" site is not making much sense.. can't make out what they are selling..

Hmm...

 

//Christian

 

 

 

Here's what I found from almost 1 year ago:

    Swedish authorities target Black Internet and take The Pirate Bay offline  Aug. 24, 2009 (4:43 pm) By: Matthew Humphries    [img alt=thepiratebay width=298 height=200] thepiratebay.pngThe Swedish authorities, for the time being, have been successful in taking The Pirate Bay offline. The feat was managed by way of targeting the ISP Black Internet which currently provides the site with its bandwidth.

Black Internet were given a choice: either cease providing bandwidth for The Pirate Bay or be hit with a fine of around $70,600. In the end it was an easy decision to make and so as to not be lumped with a bank-busting fine, The Pirate Bay was shut off and is currently inaccessible.

The offline status of the site may not remain for very long, however, if it manages to find an alternative provider and one not likely residing in Sweden. Current estimates from the site say it will be fully-functional again by tomorrow morning.

Peter Sunde recently resigned as spokesperson for the site so a response to the action came from The Pirate Bay’s Rick Falkvinge instead. He said:

<blockquote>  This is absolutely ridiculous. The Court seems to consider themselves above the Constitution. This clarifies how copyright law has become untenable, and how information is lacking political skills in the judiciary.</blockquote>  A post on The Pirate Bay blog has also appeared stating:

<blockquote>  The MAFIAA has spent millions of dollars and endless amounts of time to get this ban in order. Our guess is that they also bribed a bit to get it since it violates so many laws not only in Sweden but also in the EU, not to mention violations against human rights. And what do they have to show for it? 3 hours of partial downtime.</blockquote>  It is currently unclear what reasons the Swedish authorities have given for the action taken against Black Internet, but is surely going to be related to the court case defeat earlier this year and continued pressure from the music and movie industry to take the site down.

Read more at TorrentFreak

Matthew’s Opinion

There are reports that the site is already back up, but I can’t access it or the blog post that quote above was taken from. With a site going offline it can take a while for everyone to regain access and especially if it is getting a lot of traffic testing whether it is back up or not, so it may load for you.

I really want to know the reasons why the Swedish authorities could fine Black Internet. They must have quoted some breach of the law, but what was that breach? Black Internet was left between a rock and a hard place as $70,600 is a lot of money to all but the largest of companies. It wasn’t a battle they could really choose to fight.

I would also like to know who the new bandwidth provider is for the site. I doubt it’s in Sweden and if it isn’t and resides in a country which isn’t on such good terms with Hollywood then it could be a lot more difficult to take it offline again.

Read more: http://www.geek.com/articles/news/swedish-authorities-target-black-internet-and-take-the-pirate-bay-offline-20090824/#ixzz0q7oSfCPQ

Posted

Ah, that makes sense. If the webhost itself is hacked, all bets are off. The good news is, hopefully the members here have NOT gotten their computers infected.

I really hate hearing stories like this, because it's such a senseless waste on the part of the hackers. You have to wonder what these morons are trying to accomplish...  other than just F with people.

--Marc W.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...