intermittent 404 and index replaced with tbh.jp site & virus.
I've seen a few of these happening on (apparently) CPanel10 hosts.
All sites get DNS problems, all files 404 as the whole site is redirected to tbh.jp/index.php - which is a site with a 0x0 iframe that tries to load an activeX virus to you (only if you have Internet Explorer, I use Firefox Browser so I never got the virus).
on that tbh.jp site is this text
PUT SOMETHING HERE IF YOU'D LIKE TO EHEH !!!
Also refer to this post http://forums.cpanel.net/showthread.php?t=42129 (no info and off topic I guess).
A site with users seeing the problem http://forums.ecphosting.net/printthread.php?t=641 (not the host I am with, but all of us are getting it too)
Defacement alert
http://www.zone-h.org/en/defacements/view/id=996147
flame.so file information. Via a GET request, gotta restart apache or something.
http://www.webhostingtalk.com/showthread.php?s=&threadid=429922&highlight=tbh
http://www.buzzgrinder.com/?p=2554
I've seen a few of these happening on (apparently) CPanel10 hosts.
All sites get DNS problems, all files 404 as the whole site is redirected to tbh.jp/index.php - which is a site with a 0x0 iframe that tries to load an activeX virus to you (only if you have Internet Explorer, I use Firefox Browser so I never got the virus).
on that tbh.jp site is this text
PUT SOMETHING HERE IF YOU'D LIKE TO EHEH !!!
Also refer to this post http://forums.cpanel.net/showthread.php?t=42129 (no info and off topic I guess).
A site with users seeing the problem http://forums.ecphosting.net/printthread.php?t=641 (not the host I am with, but all of us are getting it too)
Defacement alert
http://www.zone-h.org/en/defacements/view/id=996147
flame.so file information. Via a GET request, gotta restart apache or something.
http://www.webhostingtalk.com/showthread.php?s=&threadid=429922&highlight=tbh
http://www.buzzgrinder.com/?p=2554
Last edited:
