Is Aminet OK/infected?

[Hitek]

Now it appears that Amibay.com has been hit, but the code injection was done poorly, so the whole site is broke and just throws a php cookie/session error.

[Hitek]

Interesting, I can get to it on my ubuntu box too, but not on my win7 box. I wonder if there is some OS detection going on there.

[Hitek]

hxxp://XXXXXXXX.igg.biz/d/404.php?go=1 seems same type as the Aminet one.

yeah, that's what I was saying. Same type of injection attack used on aminet. Probably not a coincidence. The code seems to change as well. I got one earlier for XXXXXXXX.usa.cc/site/main.php? earlier.

[Hitek]

DON'T GO THERE!!!
I just went there on my XP machine and that lovely java icon popped up on the toolbar and my hard drive started grinding away.... I PULLED THE PLUG!

STAY WELL AWAY!!

Do you not have virus protection? Any modern virus package should protect against that.

Whats happened to amibay? my pc won't let me go there (firefox)

How did they catch the virus from aminet? surely they must have had some form of protection?

Amibay didn't "catch" the virus from aminet, both sites appear to have been hacked at some level. It could have been somebody sneaking something in via sql injection, or someone gaining root level access to the server, it's hard to tell at this point.

Either way, I'm surprised it hasn't been fixed yet. I'm sure *someone* over there has to know about it.

Keith