Return to home page
Site Scanner
July 15th: New attack profiles found!One of our members has found a new set of attacks, with script calls to mostly Russian sites. The detectors and cleanup routines have been updated with the new data... see the news area for more details.
HomeSign upMembers AreaPricingInfoNetworksNews+
Member QuotesOur LinksLive StatisticsKnown Attack Sites

Known Attack Site List

Yes, it's a pun (the acronym would be KASL... pronounce 'castle', as in the chess move often used to protect the King).  We will keep the current 'known bad' site list here.  DO NOT VISIT THESE SITES!!!! 

A site gets on this list when it is the repeated 'destination' of defacement attacks.  That the most common hacker attack works like this: They deface YOUR site, putting in code that pulls a trojan from another site, loading it into your visitor's browser.  Result: the visitor's anti virus software will blame YOUR SITE for the bug.

Why post this list?  Instructions at the bottom of this page will tell you how to use this list to protect YOUR computer from these attacks.  If you know where the worst-of-the-worst sites are, and tell your computer not to go there, it gives you a little extra protection when surfing.  This should be used in addition to traditional anti-virus programs with active scanning (not instead of).

Current known attack sites:

stelaartois.ru
mystabcounter.info
spybiz4u.com
hot-bids.com
good-traffic.hk
yata.com.au
megatron.us.tt
statisticgraf.info
golden-corps.com
trustsellers.co.cr
plus.lublin.pl
grumbal.cn
rnw.kz
warpiln.net
macrotub.com
areadrum.com
heroguy.ru
jarpub.ru

 

Use for this list

There is a file called a 'hosts' file on most personal computers (Max and Linux boxes have this as well).  The file lets you trick the computer into never visiting the actual site.

Here's what to do:
  • From your desktop, click on "My computer", or right click on the start button and hit 'explore'. This brings up your local file explorer. (Note: Vista users: load a copy of notepad (run as administrator), pick 'open files', switch to 'all files view'... XP and older can use regular file explorer.)
  • Navigate to : C:\Windows\system32\drivers\etc (note: you may have to enable 'view system files', or disable 'hide system files' to do this.)

  • You will see a small list of probably about 5 files. The important one for this discussion is "hosts" (no extension).
  • Double click on the 'hosts' file. If windows asks you what program to use, select 'notepad'.
  • At the bottom of the file, add the following line:
    127.0.0.1        stelaartois.ru
  • (Note: There are often several spaces or a tab between the IP address and the domain.)
    (Note: Put each attack site on a separate line, always starting with 127.0.0.1)
  • Then pick file/save in notepad, and reboot your computer.
Once this is done, any time you browse to a site hit with this iframe, your computer will not be able to find the website, so you won't get infected by it.
This site is a member of the VS-TEN Traffic Exchange Network
This site is powered by VS-TrEx Traffic Exchange Software
This site has been built with the Varisearch LLC Skeleton 2.0