Crossbreed holsters site hacked?


PDA






Zundfolge
March 12, 2010, 12:05 PM
Try going to Crossbreed Holsters. [Mod Note: I wouldn't go to a reported attack page at someone else's request. - Jorg]

I get a warning that its a "Reported Attack Page!"


Looks like some Russians have hacked Crossbreed's web site and installed some sort of malware installer script on it.

That or the malware scanner on Google's crawler gave a false positive (which wouldn't surprise me).

Anyone here know the folk at Crossbreed? If so let 'em know their site is all screwed up so they can get this sorted out. :(

If you enjoyed reading about "Crossbreed holsters site hacked?" here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!
Jorg Nysgerrig
March 12, 2010, 12:06 PM
You might want to read the reason Google lists before blaming anti-gunners or competitors for reporting the site:
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://www.crossbreedholsters.com/

Gaiudo
March 12, 2010, 12:08 PM
The site works fine for me. Have you checked this on another computer?

mcdonl
March 12, 2010, 12:11 PM
Worked for me as well.... it is likley YOUR browser has been captured by an anti gun organization and your information has been sold to the government. They will be sending the Department of Education to your house any second now. :neener:

Jorg Nysgerrig
March 12, 2010, 12:18 PM
The site is being blocked by browsers (such as firefox) that check against lists of attack sites. If you aren't using a browser set to check that sort of thing, it will certainly let you go there.

I have removed the active link.

oasis618
March 12, 2010, 12:20 PM
Look out it's the RUSSIAN HACKERS!!!!!

Jorg Nysgerrig
March 12, 2010, 12:23 PM
If someone wants to follow up, here's their contact information:
888-732-5011
info@crossbreedholsters.com

Zundfolge
March 12, 2010, 12:33 PM
Yeah, I probably shouldn't have put the link in there (I just assumed all browsers blocked it) :uhoh:

So I wonder if emails will go through to them? I shot them an email so I guess I'll find out.

I also wonder if the malware scanner on Google's crawler is kicking out false positives.

Hellbore
March 12, 2010, 02:59 PM
Guys... to those of you who said "oh the site is working fine", you should know that it's entirely possible that the site appears fine to you only because your anti-virus software did not catch and block the malicious software!

It's entirely possible that you now have been infected by whatever software this site tries to install on your computer.

The site is listed by Google as malicious because the website contains scripting and other exploits. Look at this, last time Google tested this website was TODAY for chrissake, and look at the results:

The last time Google visited this site was on 2010-03-12, and the last time suspicious content was found on this site was on 2010-03-12.
Malicious software includes 2 scripting exploit(s), 1 exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 1 domain(s), including topaccessories.ru/.

I have not looked closely at the code yet to try and find the exploits, but it looks to me like the people this company had design their website have included some little exploits in there.

At any rate, beware...

Grayrider
March 12, 2010, 04:44 PM
Crossbreed is on it and has the hosting company correcting the issue. Typical security breach. The Internet is a dangerous place as we all know.

:(

John

miamiboy
March 12, 2010, 07:55 PM
Yeah, I'm getting it, too, using Firefox. I'm sure it's nothing much (I hope).

LOL @ mcdonl

Walkalong
March 12, 2010, 09:21 PM
Firefox and IE both threw up a warning for me.

Domineaux
March 12, 2010, 10:48 PM
I'm a web host and though I haven't tested their site it is most likely a simple matter of a vulnerability in the site code was exploited to install something like an iframe or javascript code which causes your browser to retrieve content from the external malicious site.
Unfortunately these things happen all the time which is why it is so critical for a web site owner to ensure that their code is well updated and any security measures that are available for the code are utilized. Things like making sure php register_globals is disabled, mod_security or even .htaccess rewrite rules can help a lot to avoid such issues.

If you enjoyed reading about "Crossbreed holsters site hacked?" here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!