Jamespot hacked

Landing on "jamespot(dot)com" the visitor is presented with the following Internet Explorer 7 warning ...

Folks any time you see that warning "Remote Data Services Data Control" watch out! ... this is NOT from Microsoft! This is the generic warning IE7 throws up when an exploit is trying to enter the system.

Can you spot the culprit below? ... it took me a few to find it (hidden in an image) ... "xt_img.gif"

I highlighted (in blue) the culprit and pasted the code above (in gray) which when decoded revels the entry highlighted in red.
Note: Jamespot is not the culprit here, there are simply another site/server that have been hacked and 3rd party malicious code injected. I have contacted them and hopefully this will not take too long to correct ...

Once the entry highlighted in red was added to the HOSTS file and Jamespot was revisited, IE7 no longer generates the warning. This just goes to show that users should upgrade to Vista and/or IE7 ... as the Vista version runs in "Protected Mode" and is less subjected to exploits.

Published Mon, Sep 10 2007 2:56 by winhelp2002

Comments

# re: Jamespot hacked

Monday, September 10, 2007 2:33 PM by Chris

Note also discussion at

groups.google.com/.../3496801093022759

the same people?

# re: Jamespot hacked

Monday, September 10, 2007 5:10 PM by Mike (aka: WinHelp2002)

Chris,

Yes it appears to be the same culprit ...

# re: Jamespot hacked

Tuesday, October 02, 2007 9:38 PM by mdc

I have Vista and it pops up on Comcast everytime I enter the page. Is there a way to turn it off? My Vista is running in Protected Mode:On.

# re: Jamespot hacked

Wednesday, October 03, 2007 1:09 AM by Mike (aka: WinHelp2002)

mdc,

I'm not quite sure what you are asking?

What pops up on Comcast?