Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Firm Discovers Secret Plan To Hack Numerous Websites and Forums (softpedia.com)

Posted by BeauHD on from the foiled-again dept.

An anonymous reader writes: According to Softpedia, "Security researchers from SurfWatch Labs have shut down a secret plan to hack and infect hundreds or possibly thousands of forums and websites hosted on the infrastructure of Invision Power Services, makers of the IP.Board forum platform." The man behind this plan was a hacker known as AlphaLeon, maker of the Thanatos malware-as-a-service platform. AlphaLeon hacked IP.Board's customer hosting platform, and was planning to place an exploit kit that would infect the visitors to these websites with his Thanatos trojan, in order to grow his botnet. Some of the companies using IP.Board-hosted forums include Evernote, the NHL, the Warner Music Group, and Bethesda Softworks (Elder Scrolls, Fallout, Wolfenstein, Doom games).

14 of 29 comments (clear)

  1. Virus by fluffernutter · · Score: 1

    Sometimes Slashdot makes me feel infected.

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
    1. Re:Virus by wbr1 · · Score: 1

      It's called slow clap.

      --
      Silence is a state of mime.
    2. Re:Virus by Anonymous Coward · · Score: 1

      Nobody here would know how to get the clap.

    3. Re:Virus by LifesABeach · · Score: 1

      Does AlphaLeon have a white kitty cat also? It would make sense then.

  2. Would we notice? by Anonymous Coward · · Score: 1

    and Bethesda Softworks (Elder Scrolls, Fallout, Wolfenstein, Doom games)

    They're all a bunch of zombies anyway, why not make their machines one too?

  3. With no clear indicator of intent by rmdingler · · Score: 3, Interesting

    I cannot tell if this is parody or... "Shut down a secret plan" ....no wait, I know which one it is.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

    1. Re:With no clear indicator of intent by gweihir · · Score: 1

      Just like the FBI with "terrorists": If you do not have enough to spread fear and advance your agenda, create some!

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:With no clear indicator of intent by rmdingler · · Score: 1
      Yes, it is true that the governors use the fear of any threat, preferentially foreign, no matter how remote it's actual threat of inflicting damage may be.

      This isn't new to the FBI, or even the NKVD or the OSS... this is 1500's Machiavellian in nature.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    3. Re:With no clear indicator of intent by gweihir · · Score: 1

      Indeed. A very old strategy, that is just as despicable today as it was throughout history. Machiavelli was probably just the first that described this well and who had his writing survive. Today, people could easily know better with all the access to information the average person has, but apparently the cave-man reflexes are stronger and so this obvious manipulation-technique keeps working.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  4. infecting with malware? by Gravis+Zero · · Score: 1, Funny

    seems a bit redundant, i mean, these people are already using PHP. ;)

    --
    Anons need not reply. Questions end with a question mark.
  5. Re:Thanatos as a virus scanner? by FatdogHaiku · · Score: 1

    I know just the place for it...
    https://xkcd.com/350/

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  6. Microsoft Windows strikes again .. by khz6955 · · Score: 1

    "to be attractive to its customers, Thanatos had to run on a very large number of infected hosts"

    DOH!

    "In the infosec community this structure is called a botnet"

    Thank you slashdot for this razer sharp technical analysis of distributed botnets :)

  7. LOL Invision Power. by Khyber · · Score: 2

    Their entire suite of software is shit and vulnerable. IPBoard is a complete piece of utter garbage where features that forums should have by default are pay-for plugins.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  8. Re:Thanatos as a virus scanner? by Anonymous Coward · · Score: 1

    From what I've read, Thanatos is a banking malware, and by competing malware it deletes other banking trojans, not ANY malware. Otherwise it would be a 500 MB trojan, just like Kaspersky.