PDA

View Full Version : Pool.bz hacked :(


stljohnny
09-17-2013, 12:54 PM
I was all set to do some shot diagrams and then I was confronted with some asshat's "owned by [hackerAlias]" front page.

If anyone knows how to get in touch with the site owner and let them know, that'd be awesome.

[Edited]

It appears only the front page is suspect - if you have a direct link to a certain page it seems to be working ok. So, it's not a terribly malicious hack, but still a d*** move.

alstl
09-17-2013, 02:11 PM
Again? This happened previously.

iusedtoberich
09-17-2013, 02:34 PM
I clicked on the hacker's link, and it took me to their FB page. It looks like every day they go about attacking random sites, and putting the link to the attacked site on their FB page.

stljohnny
09-17-2013, 02:35 PM
I don't know when the last one happened, maybe this is the same time? I don't hit the site too often so when I visited it earlier and saw this, I was surprised.

stljohnny
09-17-2013, 02:35 PM
I clicked on the hacker's link, .

Man, you are BRAVE! lol

iusedtoberich
09-17-2013, 03:06 PM
No, the last (and first time as far as I know) was 2 years ago or so. This is a new attack.

iusedtoberich
09-17-2013, 03:07 PM
Man, you are BRAVE! lol

lol, yeah. Well they had the link.... I wanted to see what they were about. lol

sfleinen
09-17-2013, 03:32 PM
I clicked on the hacker's link, and it took me to their FB page. It looks like every day they go about attacking random sites, and putting the link to the attacked site on their FB page.

Man, you are BRAVE! lol

lol, yeah. Well they had the link.... I wanted to see what they were about. lol

Not usually a good move, for as the saying goes, curiosity killed the cat. Most of the time, when a link is provided on a hacked site, it utilizes (leverages, exploits) what's called a "zero day" attack. Meaning, it exploits a vulnerability in the web browser (or Java) which is brand-new, and for which a fix is not yet available.

A better way to see where a link on a site goes (and where a link in an email points to, if you're reading an email that you're not sure of, and might be a phishing attack), is to HOVER your mouse pointer over the link -- DON'T click on the link -- rather, just hover your mouse pointer over it without clicking. While hovering your mouse pointer over the link, read the bottom status bar of your browser (usually the bottom left corner) -- it will show you the underlying URL that you'll actually be taken to if you'd have clicked the link.

Actually clicking on a link is like looking down into the muzzle of an unknown gun, and then pulling the trigger "to see if a bullet comes out." :eek: You only get to do that once with a malicious site.

-Sean <-- just some advice from your friendly neighborhood info security guy

Ghosst
09-18-2013, 07:18 AM
Good advice from Sean.

The other very important thing to remember is that website addresses are actually "read" by the computer backward. So an innocent looking URL can take you anywhere if you're not diligent.

http://forums.azbilliards.com.ru/Players/ShannelleLoraineNaked

Seems like a good link with an "interesting" article but the .ru is the first part read by the computer. That means you're going to a site registered in Russia. The parts before that are just sub-domains which are just pointers to other computers within the "com.ru" domain.

Spybot Search & Destroy's (http://www.safer-networking.org/mirrors/) immunization filter will keep you safe from most of these sites.

CreeDo
09-19-2013, 11:36 AM
This happened before and due to all the complaints, he decided to stop allowing his diagrams to be directly embedded in AZbilliards posts, because AZ has tons of registered users and apparently every one of them complained to Wei (owner of pool.bz) and I guess he felt he didn't want to be held responsible for stuff like that.

I'm gonna be a foolish guinea pig and try going straight to the diagram subpage, pool.bz/P/ and I'll report back if anything bad happens to me. Or not, depending on how bad it is lol.

Ratta
09-19-2013, 11:46 AM
the owner doesn t care about this website since a long time. no wonder that this happened.