Hackforums.net Investigation


We are working to get Hackforums.net shut down. We feel strongly that it a website which has an undue influence on young people as well as promoting illegal computer activities such as hacking, virus spreading, manipulation of online financial services etc.

I'm not certain of what your criteria if for judging a site to be 'positive for malware'. I know that is not an easy threat to withstand and I don't blame this site for exercising caution and withdrawing the 'positive' for malware decision.

Hackforums.net - "Infecting one another with malware."


We are reporting this site for illegal activitie and it should be closed as soon as posible!

Legal internet law will clean all illegal activities and we will help realise it!

[IT Security Team]

209.172.59.146(ngrBot hosted in Canada Toronto Iweb Technologies Inc)

Remote Host Port Number
209.172.59.146 5794 PASS ngrBot

213.251.170.52 80

74.53.197.4 80

NICK n{US|XPa}pvcbajf
USER pvcbajf 0 0 :pvcbajf
JOIN #butowski ngrBot
PRIVMSG #butowski :[DNS]: Blocked 0 domain(s) - Redirected 15 domain(s)

The data identified by the following URLs was then requested from the remote web server:
http://api.wipmania.com/
http://conectaamor.com/_server/editor/images/dominios.txt

EXE File:
http://conectaamor.com/_server/editor/images/fudnew2.exe

RFI SHELL:
http://conectaamor.com/_server/editor/images/lang.php find the passwd your self

Mailer:
http://conectaamor.com/_server/editor/images/mailer.php servez vous lol

hosting infos:
http://whois.domaintools.com/209.172.59.146