I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests.
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
Hey Benjamin! Das scheint eine heiße Geschichte zu sein...
Die bekannte Archivierungs-Plattform archive.today scheint schädlichen Code eingebettet zu haben...
Weitere Quellen / Infos:
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
I have posted about this on BlueSky and X.
https://bsky.app/profile/did:plc:ysz3jltsuhnyrqrskrcbcz2s/post/3mcj75vyiec2uhttps://x.com/iam_py_test/status/2012010781622353950I have also blocklisted it in Imre's malware list.
Despite times call for despite measures. It isn't often a popular website starts DDoSing somebody.
I have also informed members of the content filtering community though a red phone on my desk.
-
Hey Benjamin! Das scheint eine heiße Geschichte zu sein...
Die bekannte Archivierungs-Plattform archive.today scheint schädlichen Code eingebettet zu haben...
Weitere Quellen / Infos:
@proton_xor @iampytest1 _/(0_0)7 Roger, guck ich mir an
-
@proton_xor @iampytest1 _/(0_0)7 Roger, guck ich mir an
@Murmel @iampytest1 ja moin, auch schon so früh wach
-
@Murmel @iampytest1 ja moin, auch schon so früh wach
@proton_xor @iampytest1 Jau, Wecker geht um 4:45 ^^ Dafür heute auch noch verpennt ¯\_(ツ)_/¯
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
@iampytest1 what's the Malicious Website Blocklist? -
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
@iampytest1 honestly a pretty reasonable response to a doxing attempt
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
Oha, Vorsicht alle, die hierüber paywalled Links "ins Netz befreien"!
#Schadcode
RE: https://infosec.exchange/@iampytest1/115902693235671566 -
S svenja@mstdn.games shared this topic
W wiase@ibe.social shared this topic
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
Other domains of archive.today i've found:
- archive.fo
- archive.li
-
@iampytest1 honestly a pretty reasonable response to a doxing attempt
@whitequark @iampytest1 Just read that blog post and yeah, what on earth? Why would they just dox the owner like that?!
-
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
@iampytest1 Did you report that to Google Safe Browsing?
Given the fact it's enabled to default in most browsers, it those sites gets blocked there, they would effectively be blocked Internet-wide (almost same as domain seize).
UPD: I reported those domains as well. -
I have confirmed archive.ph, which archive.today redirects to, has malicious code which attempts to spam gyrovague.com with requests. The code I independently verified matches the code in the Hacker News post.
Behind CloudFlare:
https://tria.ge/260116-d3jafadj81/behavioral1Do not use archive.today, archive.is, and archive.ph. By accessing these websites, you are donating your bandwidth to a botnet of unknown origin and purpose.
Original source:
https://social.coop/@eb/115902323900229756An emergency update to the Malicious Website Blocklist has been made to counter this threat. An emergency update is currently in the works to fix the emergency update as it is in the wrong place (I want to link to this toot in the update, so waiting to commit until I post).
I'm a bit concerned. Last night before I shut down my computer, and this morning when I turned it on, a popup from archive dot today appeared on my screen. I have no idea where it came from, but I didn't open it. Should I be worried or not?? I've used archive dot is many times in the past.
-
I'm a bit concerned. Last night before I shut down my computer, and this morning when I turned it on, a popup from archive dot today appeared on my screen. I have no idea where it came from, but I didn't open it. Should I be worried or not?? I've used archive dot is many times in the past.
@Bette what kind of popup?
The malicious code on archive[.]today runs within your browser; it doesn't infect your computer with malware.
-
@Bette what kind of popup?
The malicious code on archive[.]today runs within your browser; it doesn't infect your computer with malware.
It's not like a regular pop up. It goes from the top of the screen to the bottom and is centered on the screen and at least five inches wide. It encourages me to visit archive today.
-
It's not like a regular pop up. It goes from the top of the screen to the bottom and is centered on the screen and at least five inches wide. It encourages me to visit archive today.
@Bette that is very strange. I'm not sure what that is.
Would you mind taking a screenshot of it? -
@iampytest1 honestly a pretty reasonable response to a doxing attempt
@whitequark@social.treehouse.systems @iampytest1@infosec.exchange yeah I'm honestly a bit confused by the audacity to just put that out there for no reason
doesn't excuse this of course, but damn -
@Bette that is very strange. I'm not sure what that is.
Would you mind taking a screenshot of it?The next time it happens, sure. I quit my browser and opened it again, hoping to be able to do that, but it failed to appear (of course). It was a stand-alone, btw, it was the only thing on the screen, the browser wasn't open yet.
-
@iampytest1 what's the Malicious Website Blocklist?
@kitten It is a small blocklist I created and maintain of malware, phishing, scams, and other threats.
https://github.com/iam-py-test/my_filters_001/blob/main/antimalware.txt
-
@iampytest1 Did you report that to Google Safe Browsing?
Given the fact it's enabled to default in most browsers, it those sites gets blocked there, they would effectively be blocked Internet-wide (almost same as domain seize).
UPD: I reported those domains as well.@tapafon I did not, but I did inform the maintainers of some very popular ad-blocking lists, and one (AdGuard) has added a filter to protect their users.
-
N nocci@punk.cyber77.de shared this topic
