Compromised Netgear site spreading malware and scams for more than 2 years! — 9 Comments

    • That is not an action I can approve of. I know it is protecting unwitting users following the links being malspammed out, but it removes any chain of evidence and proof of the problem

      • Idiot running the web site should have logs of who visited, who looked at pages, who uploaded and downloaded anything,
        me included. There is still a chain of evidence. Proof of the problem is that this site has been abused since 2015.
        How has nobody been in touch with the domain to say fix your sh!t since then ? Why has nobody fixed it ?
        Sorry, but I did.
        I know you don’t approve of it, but until someone does something it’s going to continue to be abused.
        I went through a lot of the files/folders in there and this desperately needed purging.

    • The problem is that somebody will at sometime get round to looking at it. See you have deleted things and can now accuse you under the various computer misuse acts because you deleted images that were used in various posts on the site
      I sympathize with you. Although it is very tempting to clean up to protect others, it is too dangerous to do. Legally you are in a worse position than the criminals who hacked the website. You deleted or damaged something. They didn’t cause any damage to the site.

      • I tipped off a friend in another country who used a VPN to do this, so good luck to whoever gets round to looking at it.
        I doubt anyone will ever go ‘looking at it’ anyway.
        There are millions of compromised WordPress sites. Well there were, now 999,999.
        If someone wants to prosecute me for fixing a problem, maybe I’m on the wrong side.

  1. and at no point did anyone ask how I managed to find the shell…
    Traverse folders and search for 2017-12
    Find php files
    password prompt ?
    Google modx.php default password
    Delete sh!t 😛

Leave a Reply

Your email address will not be published. Required fields are marked *