Jump to content
Instructions on joining the Members Only Forum

Pattaya Talk infected with virus / ongoing now a few years


Recommended Posts

  • 2 weeks later...
  • Replies 68
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I found and removed the malware (again) about a week ago.   In the last two days it had come back, and this time was totally different in its signature, so finding it was not possible using the tec

I had the same problem with the sudden disappearance of red-green buttons Monday evening and now they are back. Thanks!   Evil

Google link still working for me today.

Posted Images

Just letting you know I received the URL4SHORT redirect tonight. Did a google search for pattaya talk, clicked the Forums - Pattaya Talk Forum header on the result page and got the redirect :angry2:

Back again today via the same search method.

Link to post
Share on other sites
  • 2 weeks later...

Just letting you know I received the URL4SHORT redirect tonight. Did a google search for pattaya talk, clicked the Forums - Pattaya Talk Forum header on the result page and got the redirect :angry2:

 

Sound like a broken record but its back :angry2

Link to post
Share on other sites

Have you fixed it in a hurry?

 

I tried the link to the forums and got a redirect, closed the window and tried all the other options, all went to where they were supposed to, then tried the forums link and it went to where it was supposed to.

Link to post
Share on other sites

Have you fixed it in a hurry?

 

I tried the link to the forums and got a redirect, closed the window and tried all the other options, all went to where they were supposed to, then tried the forums link and it went to where it was supposed to.

No..it's got a sort of complex algorithm for when it redirects, probably so it's harder to catch.

I'll clean it up again this morning.

Thanks.

 

Sent from my SM-G900F using Tapatalk

Link to post
Share on other sites
  • 3 months later...

to redirect they are using this IP address

Martin can you not complain directly to...

Access Integrated Technologies and they may stop or ban this redirect site


 

 

 

General IP Information IP: 66.199.231.59 Decimal: 1120397115 Hostname: 66-199-231-59.reverse.ezzi.net ASN: 15149 ISP: Access Integrated Technologies Organization: Access Integrated Technologies Services: None detected Type: Corporate Assignment: Static IP Blacklist: Geolocation Information Continent: North America Country: United States us.png State/Region: Texas City: Katy Latitude: 29.7397 (29° 44′ 22.92″ N) Longitude: -95.8302 (95° 49′ 48.72″ W) Postal Code: 77494

 

this is starting with a Cuba company

Hostname url4short.info ISP Access Integrated Technologies, Inc. (AS15149) Continent North America Flag
CU.png
Country Cuba Country Code CU (CUB) Region 8 Local time Metropolis Unknown Postal Code Brooklyn City !NY Latitude 148.939 IP Address 66.199.231.59 Longitude

-178.715

 

Edited by seanss
Link to post
Share on other sites
  • 2 weeks later...

You might want to install Tripwire on your server!

 

https://en.wikipedia.org/wiki/Open_Source_Tripwire

 

That was an interesting link. Since I cannot seem to eradicate the malware infection vector itself (been trying for years), this gave me the idea to attack the problem as you describe TripWire doing.

We now have a job that runs every few minutes to check the file that gets infected, and if it has changed from what it is supposed to be, it is replaced by a good copy saved from the last time the redirection was cleaned out.

With any luck, this will work and catch the problem before anyone encounters it.

Fingers crossed.

It started again today !

Thanks for letting me know. As above, there is a chance that the problem has been addressed in a way that will significantly reduce its impact.

  • Upvote 1
Link to post
Share on other sites

 

That was an interesting link. Since I cannot seem to eradicate the malware infection vector itself (been trying for years), this gave me the idea to attack the problem as you describe TripWire doing.

We now have a job that runs every few minutes to check the file that gets infected, and if it has changed from what it is supposed to be, it is replaced by a good copy saved from the last time the redirection was cleaned out.

With any luck, this will work and catch the problem before anyone encounters it.

Fingers crossed.

Thanks for letting me know. As above, there is a chance that the problem has been addressed in a way that will significantly reduce its impact.

Cool

Link to post
Share on other sites

Yeah, haven't tried outside of my bookmark for a while but was redirected just now coming in from google. The infection might be tiptoeing over the wire. :D

Link to post
Share on other sites

well for the first time I got 2 redirects trying to get here this time !

 

 

Yeah, haven't tried outside of my bookmark for a while but was redirected just now coming in from google. The infection might be tiptoeing over the wire. :D

Yeah, guys, thanks.

 

The virus was ahead of my cure...back to the drawing board.

Link to post
Share on other sites

After that last hopeful post, and the subsequent reporting that the problem was still there, I found out that I had closed the barn door after the horse had escaped.

 

With luck, he's back in the stable and the door now has a more secure lock.

Link to post
Share on other sites

To make that last post clearer in case the analogy was unclear, let me rephrase:

 

I believe the problem has been rectified, or at least reduced to insignificance.

 

Please do your best to check if it reoccurs.

 

How to check:

1) Do a GOOGLE search for "Pattayatalk"

2) Click on an entry that links to Pattayatalk Forums (should be on the first page)

3) If you get a redirect to URL4SHORT.INFO, report it PLEASE

 

This will only redirect the first time you do this...after that, it should not happen again for at least 10 hours

----UNLESS you delete the cookie for www.pattayatalk.com which is in your browser

 

Have at it!

Capture.PNG

Link to post
Share on other sites

I have not had a redirect for years, likely as I access from the Tab List.

Using a Google Search just worked OK for me.

Link to post
Share on other sites

I have not had a redirect for years, likely as I access from the Tab List. Using a Google Search just worked OK for me.

For some strange reason, known only to the developers of the redirect malware, they only redirect when the source of the arrival is from one of the search engines, and even then, they only do it once every 10 hours or more.

 

Like you, I always use a bookmark, so it never happens to me unless I am just trying to check if IT'S BAAAAACK again.

 

Unfortunately, it does (did?) primarily affect those who are searching for information on Pattaya and end up trying to link to this forum. Not a good first impression .

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...