- Unresolved Namess Sale -

[alexsimon]

Hi5 is a very big site, so it is not a scammer's heaven.

[Kamloops]

Looks like it uses activex to download jpeg.exe to your computer. It uses GetSpecialFolder(2) which points to a temporary internet folder. Then uses ShellExecute execute the file!

If you viewed the page with javascript, most likely need activex on as well, search for jpeg.exe located in a temp internet folder. I don't know what happends after it is executed as I'm not downloading the file.

Hope that helps

Jay

Been digging into the site and it is not jpeg.exe it is jpg.exe

[calif.bob]

Hi5 is a very big site, so it is not a scammer's heaven.

I didn't think that it was a scammer's heaven, however my thought was that it's just another method for them to communicate with each other.

After further review of the play, it appears that it's just another social networking site and probably not worth spinning my wheels on.

[liberator]

Been digging into the site and it is not jpeg.exe it is jpg.exe

correct sorry for the typo!!

[Stian]

I got that God damn PM on NP's as well.. Clicked the URL but closed the browser as soon as I read the "Loading.. Please wait 10 seconds.." sh*t ..

I have scanned my entire computer since with antivirus and anti-spyware. I have also changed all my passwords on forums, registrars, paypal etc. from another (new, secure) computer as well, just in case.

What p*sses me off, is that some prick in some country actually tried to install a keylogger on my box and steal my domains. Sometimes I wish I could kick people in the face via internet.

One more thing that you should frequently do to make sure you haven't got any sh*t installed on your computer, is to check all running processes (CTRL+ALT+DEL WinXP/Vista). Look up every process (google them) that you are not sure what is. If you see any weird process names, it might be spyware and you should consider getting it removed.

[EG.domains]

Sometimes I wish I could kick people in the face via internet.

[tinner666]

Thought I had nothing to contribute to this thread,, but........................

I think it was 2 weeks ago. GrennGambler or somebody got taken. On DP, I THINK...... Anyway, I followed a few threads and of several thefts...
They led to a hackerz forum.. The thief was a member and returned some stolen LLLL's, but a ring of hackers was revealed then!
I'm sorry, but not being involved, I didn't make a note of the thread, the LLLL's or the names!

I hope this post will jog somebody's memory!!!! The forum is private, invite only, but at least one member of DP or NP was able to get in for awhile when they switched their DNS, before it went private again...



Anybody remember this????
I'll poke around and see if I can find anything.

To all here.

Copy the name 'istnight.com'. Open 'tools', click privacy, click 'Sites' Paste it in the box, click 'Block'. Click OK twice to leave the balcklist.

Found it!

Originally Posted by LenHey guy's it it just me or has the desihackerz site been taken down?

It was back up for a while last night but it is again down.

FYI, they already started a new forum called ProHackerz.com. I suggest you join now before they turn on the invite only feature, so that you can keep an eye on that place in the future, if it lasts long.



I hope this was a help, and not an off-topic. Sorry if I'm wrong.

[Kamloops]

I have sent the file jpg.exe to Norton, I will post what they say to me here when I get a response

https://submit.symantec.com/websubmit/retail.cgi

[Banned: domain newbie]

FYI, they already started a new forum called ProHackerz.com. I suggest you join now before they turn on the invite only feature, so that you can keep an eye on that place in the future, if it lasts long.

how do u get it to that forums ? my machine cant' handle it

throws me out to adverts

[spidergoat]

notice Frikkle is back lurking ...

[calif.bob]

FYI, they already started a new forum called ProHackerz.com. I suggest you join now before they turn on the invite only feature, so that you can keep an eye on that place in the future, if it lasts long.

I went to the ProHackerz.com forum and poked around a bit.

It's no different than any other hacker website in my opinion. You can purchase verified PayPal accounts for $10 USD. There is also listings for domains for sale. I didn't stick around too long since the vibe was kinda funky and there were a bunch of lamers sleeping on several cots in the lobby.

[klklinc]

desihackerz.com was shut down but was revived as desihackerz.org. One of the threads that is associated with those thefts is http://www.namepros.com/warnings-and...t-scammed.html
BTW I am len.

[Kamloops]

Wow just went that prohacker site, they are selling hacked paypal accounts over there!
Check this out.

http://vshare.ws./images/qqm3lnqlbujdfsqcaeg.gif

guys this is my latest acc hacked by me
so i am selling it for 15$

payment via
1>moneybooker
2>paypal

i want 10$ in money booker and 5$ in paypal and the money should be legal

[Stian]

Crazy....

[TheLegendaryJP]

There was another domain theft I cannot name still but it also was in the 6 figure range and they were a member here. They too were a member of this sort of hack and sale forum group.

[Thomas Nash]

Wow just went that prohacker site, they are selling hacked paypal accounts over there!
Check this out.

http://vshare.ws./images/qqm3lnqlbujdfsqcaeg.gif

guys this is my latest acc hacked by me
so i am selling it for 15$

payment via
1>moneybooker
2>paypal

i want 10$ in money booker and 5$ in paypal and the money should be legal

Scary stuff.. There would be no way of knowing that your Paypal account was being sold for $15 either, that's the worst bit!

[Adam Dicker]

The things we learn when we poke around, if only I had more time.

-=DCG=-

[Kamloops]

It is scarey over there the stuff they are selling!

Also did some more detective work on that keylogger site. Looks like they have made some change as the screen you get with firefox is not changed,

When I take the page I get in firefox - decode it and then try to save it as a txt file in notepad, Norton catches it and deletes it, says this -

Discovered: June 8, 2001
Updated: February 13, 2007 11:50:11 AM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP



Downloader connects to the Internet and downloads other Trojan horses or components.

Note: Virus definitions dated June 1, 2006 or earlier may detect this threat as Download.Trojan.
ProtectionInitial Rapid Release version June 11, 2001
Latest Rapid Release version March 11, 2008 revision 036
Initial Daily Certified version June 11, 2001 revision 007
Latest Daily Certified version March 11, 2008 revision 035
Initial Weekly Certified release date June 13, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat AssessmentWildWild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy
DamageDamage Level: Low
DistributionDistribution Level: Low

Writeup By: Gor Nazaryan

[fab]

Wow just went that prohacker site, they are selling hacked paypal accounts over there!
Check this out.

http://vshare.ws./images/qqm3lnqlbujdfsqcaeg.gif

guys this is my latest acc hacked by me
so i am selling it for 15$

payment via
1>moneybooker
2>paypal

i want 10$ in money booker and 5$ in paypal and the money should be legal

Oh my!

[spidergoat]

how are pp accounts commonly hacked?