Circuit City Support forum serving up trojan….



Embarrasing…. and a big pain in the neck for any of their visitors… It seems as though if you’ve visited Circuit City’s Support Forum with an unpatched Internet Explorer, you likely have a trojan/backdoor of some sort on your pc. (Assuming Explorer hasn’t been patched since January. In reality – if you haven’t updated explorer since then, there are likely SEVERAL backdoors. Call someone to work on it….)


It’s really embarrasing I’m sure for the company to have been serving this up in their support forum, but what’s amazing is that their site was hacked May 13th. They were notified today and have taken steps to remove the exploit. (2 weeks and 5 days….) In all fairness the forum is not hosted on the same server as circuitcity.com but is reachable from their homepage.

It looks like the backdoor was served up from Russian IP addresses (this in particular seems to be a particularly bad neighborhood.) Also, the backdoor itself was a spam sender apparently changing the messages every 10 minutes or 70,000 messages (whichever comes first????). Who knows how many pc’s have picked up this bug from Circuity city’s support forum.

Folks – update your antivirus, keep windows patched, if you don’t think you can do that on your own, get somebody else to help with that. (sigh… this batch of news today has been pretty depressing… I just finished cleaning out a trojaned laptop (Antivirus had expired August of 2004) and am picking up a machine tomorrow for a wipe and factory reinstall…. at least you feel like you’re making some headway like that) What’s depressing is wondering how many people out there are backdoored and don’t have a clue. (Like I say, the laptop hadn’t had updated AV since August of 2004. How many junk mails had it sent?)

   Send article as PDF   

Similar Posts