VideoWhisper.com Safe Again

Posted Mon, 08/17/2009 - 14:27 by VideoConference...

Tags:
- vulnerability,
- videowhisper,
- suspicious,
- security,
- safe,
- reset,
- phishing,
- malware,
- hacked,
- google,
- firefox,
- filters,
- filter,
- database,
- clean,
- chrome,
- cache,
- badware

Currently safety reports show the site as safe.

Links below show report pages:

Google Report

What is the current listing status for videowhisper.com?

This site is not currently listed as suspicious.

Dasient Report

Not Blacklisted on:

UnmaskParasites Report

This page seems to be <clean>

Google and Chrome updated clean status almost instantly. Firefox had a caching delay. There is a solution to force update of the Firefox badware protection database:

Delete urlclassifier3.sqlite to reset the phishing protection database.
That file can be found in the parent location of the cache (see the about:cache page, via the location bar):

XP: C:\Documents and Settings\<user>\Local Settings\Application Data\Mozilla\Firefox\Profiles\<profile>\
VISTA: C:\Users\<user>\AppData\Local\Mozilla\Firefox\Profiles\<profile>\

VideoWhisper staff contributed with development for this tool to get everything scanned cleaned up on the site:
Download Malware Scanner

Full Story About VideoWhisper.com Being Hacked

On 15 August 2009 VideoWhisper com staff discovered that the main site has been hacked and also blacklisted by Google, Firefox, Chrome.

Attacker inserted malicious html content that loaded pages from his site using invisible iframes probably to generate fake traffic. All index.php, .htm, .html files were corrupted by adding html code with invisible iframes at their end.

VideoWhisper developers built a script that found and removed all malicious content.

Now Dasient com shows for the VideoWhisper site 0 infected pages of all 33 pages quick scanned.

The cleanup script scans all site files for certain strings and code and can also remove certain code. VideoWhisper will probably release this tool to the public domain when this is cleared up.

Looks like the source of the problems came from a htmlarea component. Attacker managed to upload a .jpg.php file and various exploits from there. VideoWhisper staff removed it completely.

The VideoWhisper site was also blacklisted by google / firefox / chrome. Owners already posted a review request as they found and fixed the problems fast.

VideoWhisper removed vulnerability, fixed content, changed passwords, requested safety review from google.

Video Conference Software

User login

VideoWhisper.com Safe Again