Merry Christmas and welcome to Packard Motor Car Information! If you're new here, please register for a free account.  
Login
Username:

Password:

Remember me



Lost Password?

Register now!
FAQ's
Main Menu
Recent Forum Topics
Who is Online
120 user(s) are online (116 user(s) are browsing Forums)

Members: 1
Guests: 119

Ozstatman, more...
Helping out...
PackardInfo is a free resource for Packard Owners that is completely supported by user donations. If you can help out, that would be great!

Donate via PayPal
Video Content
Visit PackardInfo.com YouTube Playlist

Donate via PayPal




PLEASE READ: Malware Filenames
#1
Webmaster
Webmaster

BigKev
See User information
Folks, I have had a few users report Virus scanners have occasionally reported things when viewing pages here on the website. I've done extensive scans and found nothing directly with the files. Today I got a hit on my Malware detector on my Mac and after coming through the logs, it was tagged a suspicious image filename from the website forums here.

After figuring out the pattern, I found about 25 images that were posted to the forums that had unusual names over the last two years. Apparently these usual names contain coded malware that can trick some browsers into executing code. I have since deleted all the suspicious pictures with the names in questions. The original picture's filenames are stored in the DB, and the files themselves are stored on disk under a forum generated name. This is why nothing is ever triggered in the file level filescans.

These pictures were uploads by a handful of users, and I am suspecting unknowingly. I believe their PC's maybe infected, and when they upload pictures, it alters the picture name to add this embedded malware code. I'll privately send them a note so they can scan their PCs.

So, if you notice any pictures with the an unusual names similar to the attached screenshot, please let me know ASAP so I can remove it and notify the user.

While the website itself is not infected with anything, these filenames can cause a problem with older, or outdated browsers, and Java clients. SoI highly recommend you run the latest version of your selected browser and make sure all your security updates are in place. Also please make sure you update your Java software to run the latest version that has numerous fixes. I run Chrome, and have not had any issues. Also everyone should also be running good, updated Virus/Malware detection software.

As I said before, I have already removed all the files that have similar or unusual filenames, so the current threat from the website should be Nill, and I will try to add a later of protection code to filter out any of those kind of filenames in the future.

Regards,

Attach file:



jpg  (15.22 KB)
1_512bb9982dc77.jpg 593X178 px

Posted on: 2013/2/25 14:30
-BigKev


1954 Packard Clipper Deluxe Touring Sedan -> Registry | Project Blog

1937 Packard 115-C Convertible Coupe -> Registry | Project Blog
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#2
Forum Ambassador
Forum Ambassador

Randy Berger
See User information
Thank you Kev for jumping on this problem right away. It is very much appreciated.

Posted on: 2013/2/25 14:43
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#3
Webmaster
Webmaster

BigKev
See User information
Also if anyone else gets any additional "Virus/Malware Detection" hits while viewing any of the pages here on the website, please copy the entire URL at the top of the page and what the scanner reported and send it to me via email. This is the only way I can track down exactly what you were looking at when the detection happened, and see what may have caused the detection. I'm pretty sure I have this nipped in the bud, but an abundance of caution is always wanted.

Posted on: 2013/2/25 15:09
-BigKev


1954 Packard Clipper Deluxe Touring Sedan -> Registry | Project Blog

1937 Packard 115-C Convertible Coupe -> Registry | Project Blog
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#4
Home away from home
Home away from home

Steve
See User information
Thank you BigKev for giving so freely of your time, energy and expertise.

Regards,
Steve Fisher

Posted on: 2013/2/25 15:40
Steve
Old cars are my passion

1951 Packard 200
1953 Packard Clipper Custom Touring Sedan
1955 Dodge Custom Royal Lancer Tri-tone
1966 Rambler Classic 770 Convertible
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#5
Forum Ambassador
Forum Ambassador

Ozstatman
See User information
Kev,

Don't know if this is related but I notice the Random Photo doesn't appear to be refreshing. At present it's had this picture for at least a couple of hours. Whereas it usually refreshes in a much shorter period of time, probably about 15/30 minutes?
And, no doubt, now that I raise the issue it'll refresh!

Attach file:



jpg  (71.27 KB)
226_51317f753b0a2.jpg 1024X768 px

Posted on: 2013/3/1 23:27
Mal
/o[]o\
====

Bowral, Southern Highlands of NSW, Australia
"Out of chaos comes order" - Nietzsche.

1938 Eight Touring Sedan - SOLD

1941 One-Twenty Club Coupe - SOLD

1948 Super Eight Limo, chassis RHD - SOLD

1950 Eight Touring Sedan - SOLD

What's this?
Put your Packard in the Packard Vehicle Registry!
Here's how!
Any questions - PM or email me at ozstatman@gmail.com
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#6
Forum Ambassador
Forum Ambassador

Ozstatman
See User information
"..no doubt, now that I raise the issue it'll refresh!"
It didn't, it's still there!

Posted on: 2013/3/2 14:47
Mal
/o[]o\
====

Bowral, Southern Highlands of NSW, Australia
"Out of chaos comes order" - Nietzsche.

1938 Eight Touring Sedan - SOLD

1941 One-Twenty Club Coupe - SOLD

1948 Super Eight Limo, chassis RHD - SOLD

1950 Eight Touring Sedan - SOLD

What's this?
Put your Packard in the Packard Vehicle Registry!
Here's how!
Any questions - PM or email me at ozstatman@gmail.com
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#7
Webmaster
Webmaster

BigKev
See User information
I think I changed it to refresh every 6 hours. So more of a "photo of the day"

Posted on: 2013/3/2 14:56
-BigKev


1954 Packard Clipper Deluxe Touring Sedan -> Registry | Project Blog

1937 Packard 115-C Convertible Coupe -> Registry | Project Blog
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#8
Home away from home
Home away from home

Stephen Houseknecht
See User information
Although I am on a Mac w/Firefox, thank you.

Posted on: 2013/3/2 18:22
Stephen
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#9
Forum Ambassador
Forum Ambassador

Ozstatman
See User information
"...I changed it to refresh every 6 hours"

Still waiting....waiting....waiting.

My initial post was at 20:27 yesterday, it's now about 21:47 today. Looks like it's stuck!

Posted on: 2013/3/3 0:48
Mal
/o[]o\
====

Bowral, Southern Highlands of NSW, Australia
"Out of chaos comes order" - Nietzsche.

1938 Eight Touring Sedan - SOLD

1941 One-Twenty Club Coupe - SOLD

1948 Super Eight Limo, chassis RHD - SOLD

1950 Eight Touring Sedan - SOLD

What's this?
Put your Packard in the Packard Vehicle Registry!
Here's how!
Any questions - PM or email me at ozstatman@gmail.com
 Top  Print   
 


Re: PLEASE READ: Malware Filenames
#10
Forum Ambassador
Forum Ambassador

Ozstatman
See User information
See the Random Photo has "clicked over" to another pic.

Posted on: 2013/3/4 0:48
Mal
/o[]o\
====

Bowral, Southern Highlands of NSW, Australia
"Out of chaos comes order" - Nietzsche.

1938 Eight Touring Sedan - SOLD

1941 One-Twenty Club Coupe - SOLD

1948 Super Eight Limo, chassis RHD - SOLD

1950 Eight Touring Sedan - SOLD

What's this?
Put your Packard in the Packard Vehicle Registry!
Here's how!
Any questions - PM or email me at ozstatman@gmail.com
 Top  Print   
 









- The following Google Ad-Sense Advert helps fund the cost of providing this free resource -
- Logged in users will not see these. Please Join and Donate to help support the website -
Search
Recent Photos
Photo of the Day
Recent Registry
Upcoming Events
Website Comments or Questions?? Click Here Copyright 2006-2024, PackardInfo.com All Rights Reserved