It sounds like what I got. This thing tried to download XP Antivirus software, which I stopped by disconnecting the machine. However, the malware changed the Windows setting so it was no longer possible to access task manager. Furthermore, attempts to delete the malware by legit antivirus programs proved unsuccessful.
One more question - is it possible to pay these assholes back in some way? I am surprised that the USG and other authorities do so little to fight cyber crime. It produces far greater economic losses than street crime, no?
Wojtek
--- On Thu, 3/19/09, shag carpet bomb <shag at cleandraws.com> wrote:
> From: shag carpet bomb <shag at cleandraws.com>
> Subject: Re: [lbo-talk] The Nation web site sabotaged?
> To: lbo-talk at lbo-talk.org
> Date: Thursday, March 19, 2009, 8:35 PM
> At 08:02 PM 3/19/2009, Wojtek
> Sokolowski wrote:
>
> > I tried to search something on The Nation's web site
> today and I got a really nasty virus which McAfee was unable
> to detect. I had to factory restore the hard drive to
> get rid of it. I downloaded a new anti-virus software
> (AVG - free edition) and tried to visit The Nation
> again. This time the anti-virus software detected the
> threat.
> >
> > But it looks like some right-wing Repug swine
> booby-trapped their web site. Is there any way to
> confirm that?
>
> without more info, hard to say exactly what you
> encountered, but I came across a couple earlier this week.
> there's a rash of attacks on web sites lately (actually,
> been going on for 2 years) that has nothing to do with
> politics -- in the sense you mean, though maybe Russian
> crime politics. I dunno. it sounds like an iframe injection
> attack, http://arstechnica.com/security/news/2008/03/ongoing-iframe-attack-proving-difficult-to-kill.ars
>
> which, a year ago, was exploited by RBN, Russian Business
> Network: http://en.wikipedia.org/wiki/Russian_Business_Network
>
> "is a multi-faceted cybercrime organization, specializing
> in and in some cases monopolizing personal identity theft
> for resale. It is the originator of MPack and an alleged
> operator of the Storm botnet.[1][2][3] The RBN, which is
> notorious for its hosting of illegal and dubious businesses,
> originated as an Internet service provider for child
> pornography, phishing, spam, and malware distribution
> physically based in St. Petersburg, Russia. By 2007, it
> developed partner and affiliate marketing techniques in many
> countries to provide a method for organized crime to target
> victims internationally "
>
> --
> http://cleandraws.com
> Wear Clean Draws