 | Welcome to Dnforum.com
You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!
If you have any problems with the registration process or your account login, please contact us. |  | 
03-11-2008, 03:43 PM
|
#661 (permalink)
| | Platinum Lifetime Member
Name: B0B Last Online: 03-20-2008 07:59 PM Join Date: Sep 2007
Posts: 62
DNF$: 0 Location: New Ganada, California
Country: 
| 
Quote:
Originally Posted by Kamloops  I dont know what laugauge it is, wish I did, one of the files is in english.
And there is some very private info in there logged, Id and passwords for web based email accounts on Yahoo and Aol
I tried one and it worked. Plus there was enough info to steal domains.
Its easy to see how these guys are stealing them now!
Not sure what I should do with this info, wish I could figure out how I got into the root to get those files as there was so much more there as well. Maybe enought to nail these guys!
I think it is turkish, using the whois info for the site I found this about the guy xremotex@hotmail.com
Age: 22
Gender: Male
Location: istanbul, Turkey |
I ran the email address, xremotex@hotmail.com, through RapLeaf.com and found a photo of the user who's online identity is OGUZHAN at Hi5. He is a 22 year old male, which we knew, with a birthday of March 16th.
Up until this huge thread, I have never heard of Hi5.com however several of the known alleged conspirators have accounts there. I will look into this further to see if they are at all linked together.
CB
__________________ Calif.Bob @ Gmail.com www.LockOurRate.com .net .org also available. PM Serious Offers Only | 
|  | |
03-11-2008, 04:08 PM
|
#662 (permalink)
| | Platinum Lifetime Member
Last Online: 05-09-2008 08:40 PM Join Date: Jan 2007
Posts: 162
DNF$: 10 Location: Oradea, Romania
Country: 
| Hi5 is a very big site, so it is not a scammer's heaven. | |
| | |
03-11-2008, 04:08 PM
|
#663 (permalink)
| | Platinum Lifetime Member
Last Online: Today 02:33 AM Join Date: Mar 2006
Posts: 370
DNF$: 1,161 Location: Kamloops
| Quote:
Originally Posted by liberator Looks like it uses activex to download jpeg.exe to your computer. It uses GetSpecialFolder(2) which points to a temporary internet folder. Then uses ShellExecute execute the file!
If you viewed the page with javascript, most likely need activex on as well, search for jpeg.exe located in a temp internet folder. I don't know what happends after it is executed as I'm not downloading the file.
Hope that helps
Jay | Been digging into the site and it is not jpeg.exe it is jpg.exe | |
| | |
03-11-2008, 04:20 PM
|
#664 (permalink)
| | Platinum Lifetime Member
Name: B0B Last Online: 03-20-2008 07:59 PM Join Date: Sep 2007
Posts: 62
DNF$: 0 Location: New Ganada, California
Country:
| Quote:
Originally Posted by alexsimon Hi5 is a very big site, so it is not a scammer's heaven. |
I didn't think that it was a scammer's heaven, however my thought was that it's just another method for them to communicate with each other.
After further review of the play, it appears that it's just another social networking site and probably not worth spinning my wheels on.
__________________ Calif.Bob @ Gmail.com www.LockOurRate.com .net .org also available. PM Serious Offers Only | |
| | |
03-11-2008, 04:27 PM
|
#665 (permalink)
| | Platinum Lifetime Member
Name: Jason Last Online: Yesterday 10:31 PM Join Date: Jan 2007
Posts: 311
DNF$: 157 Location: Canada
Country: 
| Quote:
Originally Posted by Kamloops Been digging into the site and it is not jpeg.exe it is jpg.exe | correct sorry for the typo!!
__________________
Rashes.ca - Mayors.ca - Thrillers.ca | |
| | |
03-11-2008, 04:29 PM
|
#666 (permalink)
| | Never Sleep .. 
Verified Member
Name: Stian Last Online: Today 05:48 AM Join Date: Jan 2007
Posts: 3,503
DNF$: 8,650 Location: www.ehot.net
Country: 
| I got that God damn PM on NP's as well.. Clicked the URL but closed the browser as soon as I read the "Loading.. Please wait 10 seconds.." sh*t ..
I have scanned my entire computer since with antivirus and anti-spyware. I have also changed all my passwords on forums, registrars, paypal etc. from another (new, secure) computer as well, just in case.
What p*sses me off, is that some prick in some country actually tried to install a keylogger on my box and steal my domains. Sometimes I wish I could kick people in the face via internet.
One more thing that you should frequently do to make sure you haven't got any sh*t installed on your computer, is to check all running processes (CTRL+ALT+DEL WinXP/Vista). Look up every process (google them) that you are not sure what is. If you see any weird process names, it might be spyware and you should consider getting it removed. 
__________________  Don't miss Boot.net and Assorted.com @ T.R.A.F.F.I.C. East LIVE Auction May 23rd !
Last edited by pcproffenno; 03-11-2008 at 04:33 PM.
Reason: Automerged Doublepost
| |
| | |
03-11-2008, 04:34 PM
|
#667 (permalink)
| | GenericDomainMarket.com
Verified Member
Last Online: Yesterday 09:19 PM Join Date: Apr 2007
Posts: 1,094
DNF$: 500 Location: Online
| Quote:
Originally Posted by pcproffenno Sometimes I wish I could kick people in the face via internet. |  
__________________ Pregnants.org @ Sedo - No reserve | |
| | |
03-11-2008, 04:51 PM
|
#668 (permalink)
| | Platinum Lifetime Member
Verified Member
Name: Frank Last Online: 05-14-2008 08:37 PM Join Date: Dec 2007
Posts: 264
DNF$: 545 Location: Richmond
Country:
| Thought I had nothing to contribute to this thread,, but........................
I think it was 2 weeks ago. GrennGambler or somebody got taken. On DP, I THINK...... Anyway, I followed a few threads and of several thefts...
They led to a hackerz forum.. The thief was a member and returned some stolen LLLL's, but a ring of hackers was revealed then!
I'm sorry, but not being involved, I didn't make a note of the thread, the LLLL's or the names! 
I hope this post will jog somebody's memory!!!!  The forum is private, invite only, but at least one member of DP or NP was able to get in for awhile when they switched their DNS, before it went private again...
Anybody remember this????
I'll poke around and see if I can find anything.
To all here.
Copy the name ' istnight.com'. Open 'tools', click privacy, click 'Sites' Paste it in the box, click 'Block'. Click OK twice to leave the balcklist.
Found it!
Originally Posted by LenHey guy's it it just me or has the desihackerz site been taken down?
It was back up for a while last night but it is again down.
FYI, they already started a new forum called ProHackerz.com. I suggest you join now before they turn on the invite only feature, so that you can keep an eye on that place in the future, if it lasts long.
I hope this was a help, and not an off-topic. Sorry if I'm wrong.
Last edited by tinner666; 03-11-2008 at 05:31 PM.
Reason: Automerged Doublepost
| |
| | |
03-11-2008, 05:48 PM
|
#669 (permalink)
| | Platinum Lifetime Member
Last Online: Today 02:33 AM Join Date: Mar 2006
Posts: 370
DNF$: 1,161 Location: Kamloops
| I have sent the file jpg.exe to Norton, I will post what they say to me here when I get a response https://submit.symantec.com/websubmit/retail.cgi | |
| | |
03-11-2008, 05:50 PM
|
#670 (permalink)
| | DNF Addict
Last Online: Today 05:10 AM Join Date: Mar 2005
Posts: 2,702
DNF$: 1,543 Location: my home is where my bank account is
Country: 
| Quote:
Originally Posted by tinner666
FYI, they already started a new forum called ProHackerz.com. I suggest you join now before they turn on the invite only feature, so that you can keep an eye on that place in the future, if it lasts long.
|
how do u get it to that forums ? my machine cant' handle it 
throws me out to adverts | |
| | |
03-11-2008, 06:11 PM
|
#671 (permalink)
| | Platinum Lifetime Member
Last Online: 04-08-2008 11:04 PM Join Date: May 2006
Posts: 241
DNF$: 583 Location: Yellowknife Canada
| notice Frikkle is back lurking ... | |
| | |
03-11-2008, 06:18 PM
|
#672 (permalink)
| | Platinum Lifetime Member
Name: B0B Last Online: 03-20-2008 07:59 PM Join Date: Sep 2007
Posts: 62
DNF$: 0 Location: New Ganada, California
Country:
|
Quote:
Originally Posted by tinner666 FYI, they already started a new forum called ProHackerz.com. I suggest you join now before they turn on the invite only feature, so that you can keep an eye on that place in the future, if it lasts long. | I went to the ProHackerz.com forum and poked around a bit.
It's no different than any other hacker website in my opinion. You can purchase verified PayPal accounts for $10 USD. There is also listings for domains for sale. I didn't stick around too long since the vibe was kinda funky and there were a bunch of lamers sleeping on several cots in the lobby.
__________________ Calif.Bob @ Gmail.com www.LockOurRate.com .net .org also available. PM Serious Offers Only | |
| | |
03-11-2008, 06:28 PM
|
#673 (permalink)
| | Platinum Lifetime Member
Name: Len Last Online: Yesterday 08:59 PM Join Date: Mar 2007
Posts: 129
DNF$: 0 Location: Canada
Country:
| desihackerz.com was shut down but was revived as desihackerz.org. One of the threads that is associated with those thefts is http://www.namepros.com/warnings-and...t-scammed.html
BTW I am len. | |
| | |
03-11-2008, 06:35 PM
|
#674 (permalink)
| | Platinum Lifetime Member
Last Online: Today 02:33 AM Join Date: Mar 2006
Posts: 370
DNF$: 1,161 Location: Kamloops
| Wow just went that prohacker site, they are selling hacked paypal accounts over there!
Check this out. http://vshare.ws./images/qqm3lnqlbujdfsqcaeg.gif
guys this is my latest acc hacked by me
so i am selling it for 15$
payment via
1>moneybooker
2>paypal
i want 10$ in money booker and 5$ in paypal and the money should be legal | |
| | |
03-11-2008, 06:43 PM
|
#675 (permalink)
| | Never Sleep ..
Verified Member
Name: Stian Last Online: Today 05:48 AM Join Date: Jan 2007
Posts: 3,503
DNF$: 8,650 Location: www.ehot.net
Country:
| Crazy.... | |
| | |
03-11-2008, 06:45 PM
|
#676 (permalink)
| | DNF Addict
Last Online: Today 07:30 AM Join Date: Jul 2005
Posts: 1,741
DNF$: 2,724 Location: Canada
Country:
| There was another domain theft I cannot name still but it also was in the 6 figure range and they were a member here. They too were a member of this sort of hack and sale forum group. | 
| | |
03-11-2008, 06:47 PM
|
#677 (permalink)
| | DNF Regular
Last Online: Today 03:19 AM Join Date: Jan 2007
Posts: 563
DNF$: 396 Location: Manchester UK
Country: 
| Quote:
Originally Posted by Kamloops Wow just went that prohacker site, they are selling hacked paypal accounts over there!
Check this out. http://vshare.ws./images/qqm3lnqlbujdfsqcaeg.gif
guys this is my latest acc hacked by me
so i am selling it for 15$
payment via
1>moneybooker
2>paypal
i want 10$ in money booker and 5$ in paypal and the money should be legal | Scary stuff.. There would be no way of knowing that your Paypal account was being sold for $15 either, that's the worst bit! | |
| | |
03-11-2008, 06:48 PM
|
#678 (permalink)
| | Administrator
Verified Member
Name: Adam Dicker Last Online: Yesterday 10:22 AM Join Date: Feb 2003
Posts: 8,089
DNF$: 4,621,536 Location: Toronto, Canada
Country:
| The things we learn when we poke around, if only I had more time.
-=DCG=- | |
| | |
03-11-2008, 07:05 PM
|
#679 (permalink)
| | Platinum Lifetime Member
Last Online: Today 02:33 AM Join Date: Mar 2006
Posts: 370
DNF$: 1,161 Location: Kamloops
| It is scarey over there the stuff they are selling!
Also did some more detective work on that keylogger site. Looks like they have made some change as the screen you get with firefox is not changed,
When I take the page I get in firefox - decode it and then try to save it as a txt file in notepad, Norton catches it and deletes it, says this -
Discovered: June 8, 2001
Updated: February 13, 2007 11:50:11 AM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Downloader connects to the Internet and downloads other Trojan horses or components.
Note: Virus definitions dated June 1, 2006 or earlier may detect this threat as Download.Trojan.
ProtectionInitial Rapid Release version June 11, 2001
Latest Rapid Release version March 11, 2008 revision 036
Initial Daily Certified version June 11, 2001 revision 007
Latest Daily Certified version March 11, 2008 revision 035
Initial Weekly Certified release date June 13, 2001
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat AssessmentWildWild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy
DamageDamage Level: Low
DistributionDistribution Level: Low
Writeup By: Gor Nazaryan | |
| | |
03-11-2008, 07:06 PM
|
#680 (permalink)
| | DNF Addict
Verified Member
Last Online: Yesterday 04:45 PM Join Date: Dec 2004
Posts: 2,541
DNF$: 212 Location: Elad
Country:
| Quote:
Originally Posted by Kamloops Wow just went that prohacker site, they are selling hacked paypal accounts over there!
Check this out. http://vshare.ws./images/qqm3lnqlbujdfsqcaeg.gif
guys this is my latest acc hacked by me
so i am selling it for 15$
payment via
1>moneybooker
2>paypal
i want 10$ in money booker and 5$ in paypal and the money should be legal | Oh my! | |
| | | Tags | 1337 n00b h4x0r , 16 years old , 9mm gets f*cked(.com) , 9mm out of bullets , 9mm peter , bloodclot p*ssyclot 9mm , canadian scammer , domain theft unravels , fbi , foolish kid , framed!= , freestyler@live.ca , huge dildo store , jp for president , pornos.com , scam , scam of the year , self-appointed cop , stains in his underwear , thieves , third person? , ticks on dicks , un-bloody-believable , wanker , who's tracy wilder?  | |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | | Thread Tools | | | | Display Modes | | | |
