Page 10 of 13

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Tue Aug 22, 2023 8:40 pm
by RedEye
Hello friends,

Just got back from hospital last night, warded for a week for a broken heel :sweat: Not gonna be active for the next few days I guess. -
In this matter, I would suggest everyone search their computer for any RAR files that are exactly 4,156,651 bytes in size downloaded from anywhere (not just from this forum). We had reports that similar type of RAR files also infected other sites. Right click on the file, choose Properties and window will show you the file size. -
The infected files downloaded from here has this content as shown. The file content clearly shows that files in the RAR file are created on 17th and 18th of July 2023. So, we might want to be careful with files from those dates onwards.
- Permanently delete those RAR files, unless you want to examine it in a sandbox.

-RedEye-

Stop uploading in RAR format

Posted: Tue Aug 22, 2023 9:09 pm
by boytoy
RedEye wrote: Tue Aug 22, 2023 8:40 pm Permanently delete those RAR files, unless you want to examine it in a sandbox.

-RedEye-
Jeezus man how did you do that to your heel? Motorbike?? Whoever finds the need to upload files in .rar format is a fucking retard just stop it as a whole how hard is it to upload files in .zip or as they are??

Re: Stop uploading in RAR format

Posted: Tue Aug 22, 2023 9:29 pm
by Forexlearner
boytoy wrote: Tue Aug 22, 2023 9:09 pm Jeezus man how did you do that to your heel? Motorbike?? Whoever finds the need to upload files in .rar format is a fucking retard just stop it as a whole how hard is it to upload files in .zip or as they are??
it makes no difference using rar or zip, you wont be safer downloading zip files. They just happened to use rar for some reason. They can easily start using zip files.
The individual files inside are the problem not the package

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Tue Aug 22, 2023 9:40 pm
by BeatlemaniaSA
Are the infected files within the .rar archives detectable by current virus checkers?

A good security practice should be to ALWAYS virus scan any downloaded files and archives. Set your virus checker to do this automatically.

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Tue Aug 22, 2023 10:11 pm
by Forexlearner
BeatlemaniaSA wrote: Tue Aug 22, 2023 9:40 pm Are the infected files within the .rar archives detectable by current virus checkers?

A good security practice should be to ALWAYS virus scan any downloaded files and archives. Set your virus checker to do this automatically.
i had a antivirus that didn't catch any virus on the 1st time this happen, your mileage may vary according to whatever you're using, i don't think anything is 100% certain to catch everything, it may give a fall sense of security

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Mon Aug 28, 2023 9:06 am
by Forexlearner
So things were not exactly as i said. Winrar had a vulnerability that can be exploited, you can read more about it here:

https://www.ghacks.net/2023/08/24/winra ... n-thought/

long story short, even opening just the rar file, without opening the files inside is enough to be hacked. Everyone using winrar should update to the latest version, 6.23, or in alternative do as i did, just uninstall it for good and use 7zip instead, it's open source and more secure.
I guess that's why they loved rar files so much.

Stay safe.

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Thu Aug 31, 2023 3:52 am
by Chickenspicy
Id suggest putting that 2 step verification and backup email on your email

Suspicious activity with my email, the extra letters to type in usually dont appear unless you got the password wrong

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Sun Sep 03, 2023 5:26 pm
by BeatlemaniaSA
Instructions on in to remove any virus from your system 👇


Re: Site shutdown today from .RAR virus files uploaded?

Posted: Sun Sep 03, 2023 5:52 pm
by moey_dw
mrtools wrote: Tue Aug 22, 2023 4:10 pm Yes, big time, downloaded a rar. file noticed it was possibly a virus so deleted it...
BeatlemaniaSA wrote: Sun Sep 03, 2023 5:26 pm Instructions on in to remove any virus from your system 👇
Thx I think mrtoolz be good to watch this video just in case you are target of some assholes........ I also suspect could be someone he is trading blows with on forexfactory in the past bcos it seem very targetted 🤔🤔🤔

Re: Site shutdown today from .RAR virus files uploaded?

Posted: Fri Sep 08, 2023 5:21 am
by Chickenspicy
I scan malwarebytes today and found something
Also reset my firewall settings
Because that could have been an entry point
& bootup password
Because you can infect computers through bootup usbs