It's about time! Look what Idologic got!

[Peltier]

It looks like Idologic has scored the Editor's Choice Award for July!

Congrats guys and keep up the good work!

[Idologic-DH]

Thank you I noticed it a week or so ago when I saw hits from webhostmagazine in our logs It felt goooooooddd!

[JudSE]

congrats! It could not be any other way, Ido rules

[Douglas]

Yes, we are proud that we got an official award (besides client's praise - which is better than a little graphic). The image will be displayed on our new site along with our case studies (see Reseller Chat).

[infoZine]

That's great! But of course we've all known it for a long time now.

[pilgrim]

Hm, I just followed the award link and I think I just picked up a trojan (9129837.exe) on the site that seem to have come through their ad rotation. The MD5 hash is different from the one in the link below, but there is Petersburg, Russia connection as in the article here:

http://www3.ca.com/securityadvisor/b...date=2006/9/22

The connection is a suspicious-looking script that opens an iframe from MYADV.BIZ (85.249.132.76)

Once 9129837.exe loaded, it immediately ran and tried to connect to some Russian IPs and after being blocked it just keeps prodding Microsoft, Google, the Planet, Global Crossing IPs.

So beware.

pi

[Idologic-DH]

Yes my firewall blocked something too. I contacted them.

[pilgrim]

Quote:

Originally Posted by idologic_dh

Yes my firewall blocked something too. I contacted them.

If it was outgoing, then I suggest a virus scan and a reboot... I just used the trendmicro online scan and it found its pieces (files), but the thing stayed in memory as a service and kept making http calls. It hides itself in the service list, so I found it easier to just reboot than look for it. Who knows what information that thing collects. The article about the September incarnation mentions certificates - it up to no good.

pi

[Idologic-DH]

No, just incoming Nothing gets in or out my pc without my permission...