Jump to content


Photo

Virus infection detected on many players


  • Please log in to reply
15 replies to this topic

#1 k1ller

k1ller

    Admin

  • Moderators - Admin
  • 4,261 posts
456

Posted 18 April 2011 - 06:47 AM

Setti's web site is receiving lots of requests to the server submit form. The server submit form allows server admins to add their own server on Setti's server list. Lately there has been strange traffic to the server submit form that doesn't seem right.

Setti's server submit URL has changed during web site updates time to time. Yet, there is still traffic to the old server submit forms. There exists either a virus sending the requests or a server administration tool gone wrong. Based on the number of requests it's fair to assume there's a virus.

It's possible that some of Setti's users or server admins have been infected by the virus. Here's list of IPs that have been submitting servers to old server submit forms. The hosts are very likely to be infected by the virus, or they're using bad server administration tool.

Check this page to see if you are infected: http://css.setti.info/servervirus/ - Notify your friends too!
Posted Image

#2 k1ller

k1ller

    Admin

  • Moderators - Admin
  • 4,261 posts
456

Posted 18 April 2011 - 06:47 AM

Request: Russian translation of the text. Post the translation here.
Запрос: русский перевод текста. Сообщение перевод здесь.
Posted Image

#3 edavrio

edavrio

    One of us

  • Members
  • 129 posts
44

Posted 18 April 2011 - 09:04 AM

Сайт сетти получает массу запросов на добавление серверов через форму. Форма добавления серверов позволяет администраторам/обладателям серверов добавлять в список серверов сетти свой сервер. В последнее время большая часть трафика которая получена вебсервером на форму добавления серверов являеться странным и отправленным не людьми.

URL линк формы добавления серверов в список сетти изменится со временем. Тем не менее ешё приходит трафик на старую форму добавления серверов. Здесь замешен вирус который отправляет запросы или программы администраторов. Но судя по числу запросов можно сказать что это вирус.

Возможно пользователи сетти или админы серверов получили данный вирус на свой компьютер. Тут есть список IP адресов которые отправляют запросы на старую форму добавления серверов. Администраторы серверов вероятно получили данный вирус через интернет или используют плохие программы для администрирования / управления сервером.

Нажмите по этой странице чтобы посмотреть если вы / ваш компьютер заражён: http://css.setti.info/servervirus/ - Предупредите свойх друзей!

#4 MvPRO Administrator

MvPRO Administrator

    Fakes detector

  • Russian Moderator
  • 2,310 posts
529
  • LocationMoscow, Russia

Posted 20 April 2011 - 12:31 PM

It`s not a virus really...

P.S. Normal Russian translation with the rules of Russian language and punctuation:

Сайт Setti получает большое количество запросов на форму добавления в список на главной странице сайта. Форма добавления является единственным способом, помимо буста, для добавления игровых серверов в список мастер сервера Setti. В последнее время наблюдалось большое количество подозрительного трафика на форму добавления. Мы предполагаем, что имеется проблема.

Ссылка на добавление серверов в список менялась с каждым обновлением сайта. До сих пор имеются запросы на старую ссылку добавления. Возможно существует вирус или проблема в каких-либо программах, которые используют администраторы игровых серверов. Судя по количеству запросов, справедливо предположить, что существует вирус.

Существует вероятность, что некоторые пользователи Setti или администраторы игровых серверов заражены вирусов. Мы сделали список IP адресов, которые предположительно заражены вирусом.

Проверить не заражены ли вы, а также прочитать информацию вы всегда можете по этой ссылке: http://css.setti.info/servervirus/
Ваши друзья также могут быть подвержены заражению, обязательно сообщите им ссылку, приведенную ниже.

Lets make setti better!
Find servers which break rules and report!


If you have any questions, you can talk with me on ICQ: 376421296 or E-Mail: admin@mvpro.net

#5 edavrio

edavrio

    One of us

  • Members
  • 129 posts
44

Posted 20 April 2011 - 02:06 PM

It`s not a virus really...

botnet :whistling:

#6 Ghost

Ghost

    Admin

  • Moderators - Admin
  • 3,649 posts
271

Posted 20 April 2011 - 02:30 PM

Isn't botnet just a swarm of hosts infected with a virus :whistling:

#7 edavrio

edavrio

    One of us

  • Members
  • 129 posts
44

Posted 21 April 2011 - 11:36 AM

Isn't botnet just a swarm of hosts infected with a virus :whistling:

I assure you, this is a botnet :rolleyes:

#8 MvPRO Administrator

MvPRO Administrator

    Fakes detector

  • Russian Moderator
  • 2,310 posts
529
  • LocationMoscow, Russia

Posted 21 April 2011 - 12:01 PM

Isn't botnet just a swarm of hosts infected with a virus :whistling:

I dont think so. edavrio knows it. He contact directly to hackers, who realize it. He`s their publisher. They are stay hidden with using of him.
Lets make setti better!
Find servers which break rules and report!


If you have any questions, you can talk with me on ICQ: 376421296 or E-Mail: admin@mvpro.net

#9 k1ller

k1ller

    Admin

  • Moderators - Admin
  • 4,261 posts
456

Posted 21 April 2011 - 01:50 PM

:blink: :wacko: Did you buy the botnet or is there a communication error? Botnet is a swarm of computers, correct? How did you install the malware on thousands of computers without their owners' acceptance?

When does a botnet become a botnet? If there are 10 computers connected is it a botnet? How about 20, 50 or 100 computers? What is the limit when a group of connected computers become a botnet?

A botnet operator sends out viruses or worms, infecting ordinary users' computers, whose payload is a malicious application — the bot. -- Wikipedia

Well how about this then: Every day there are 100k-200k hosts connecting to Setti. Is that a botnet? They request information from Setti and then query those servers that Setti instructs them to query? What makes a botnet a botnet? Apparently there needs to be a malicious attempt in it - so Setti clearly isn't one.

How about single users in the botnet then? They don't see the other infected computers. All they see is that there is some malicious program - a virus - running on their computer. Semantics about "virus" or "malware" can be ignored here. It is not the user's will to have that program in his computer.

Here's one good article about distributing malware: http://resources.inf...m/tdss4-part-1/ (article published few days ago). Instead of being involed in botnets put your time into good use.
Posted Image

#10 MvPRO Administrator

MvPRO Administrator

    Fakes detector

  • Russian Moderator
  • 2,310 posts
529
  • LocationMoscow, Russia

Posted 21 April 2011 - 05:05 PM

k1ller, i am tired to repeat. Dont argue. I have to sense to lie. All chat logs about botnet and edavrio`s actions (use) and participant in it here in public:
http://c-s.net.ua/fo...ndpost&p=209322
Lets make setti better!
Find servers which break rules and report!


If you have any questions, you can talk with me on ICQ: 376421296 or E-Mail: admin@mvpro.net

#11 k1ller

k1ller

    Admin

  • Moderators - Admin
  • 4,261 posts
456

Posted 22 April 2011 - 12:09 AM

k1ller, i am tired to repeat. Dont argue. I have to sense to lie. All chat logs about botnet and edavrio`s actions (use) and participant in it here in public:
http://c-s.net.ua/fo...ndpost&p=209322

@MvPRO
You do repeat your messages. You do argue right now by your message. You have "sense" to lie because you are hosting your servers yourself. You've been caught several times lying to your customers. You can no longer close any topics at Setti forums.

Chat logs about botnet are publicly available at http://c-s.net.ua/fo...2&#entry209322. That is no secret.

@All
Edavrio's servers are banned because he is involved in the botnet. His server IP is banned.
Posted Image

#12 edavrio

edavrio

    One of us

  • Members
  • 129 posts
44

Posted 22 April 2011 - 05:34 AM

He's their publisher. They are stay hidden with using of him.

Do you have proof that my server distributes viruses?

@k1ller
That's what I did when I was so to speak, "related to botnet":
1. I managed them through a single program
2. Flood MvPRO Server with botnet :mrgreen:
And all

Words about the fact that I was then distributed botnet is all fairy tales and fables of Internet users.
The spread of botnets to engage in "vkontakte"
A botnet recreated himself "ratwayer"

#13 MvPRO Administrator

MvPRO Administrator

    Fakes detector

  • Russian Moderator
  • 2,310 posts
529
  • LocationMoscow, Russia

Posted 22 April 2011 - 11:39 AM


k1ller, i am tired to repeat. Dont argue. I have to sense to lie. All chat logs about botnet and edavrio`s actions (use) and participant in it here in public:
http://c-s.net.ua/fo...ndpost&p=209322

@MvPRO
You do repeat your messages. You do argue right now by your message. You have "sense" to lie because you are hosting your servers yourself. You've been caught several times lying to your customers.

Chat logs about botnet are publicly available at http://c-s.net.ua/fo...2&#entry209322. That is no secret.

:pinch:
Lets make setti better!
Find servers which break rules and report!


If you have any questions, you can talk with me on ICQ: 376421296 or E-Mail: admin@mvpro.net

#14 edavrio

edavrio

    One of us

  • Members
  • 129 posts
44

Posted 22 April 2011 - 02:05 PM



k1ller, i am tired to repeat. Dont argue. I have to sense to lie. All chat logs about botnet and edavrio`s actions (use) and participant in it here in public:
http://c-s.net.ua/fo...ndpost&p=209322

@MvPRO
You do repeat your messages. You do argue right now by your message. You have "sense" to lie because you are hosting your servers yourself. You've been caught several times lying to your customers.

Chat logs about botnet are publicly available at http://c-s.net.ua/fo...2&#entry209322. That is no secret.

:pinch:

Ok boss!!!11111 :mellow:

#15 k1ller

k1ller

    Admin

  • Moderators - Admin
  • 4,261 posts
456

Posted 22 April 2011 - 03:28 PM

<_<
Posted Image

#16 Answerwiz

Answerwiz

    Member

  • Members
  • 27 posts
4

Posted 20 May 2011 - 03:26 PM

Thank you for the information.
--




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users