Someone's Hacking Google...

…And trying to put up a porn site! Bet this will be in the news tomorrow :stuck_out_tongue: Right now I’m getting an “index of /” page that displays all the php files. One called “razliva.php” points to a porn site. “urls.php” points to a search query on monitors. “1index.php” and “!index.php” look like Google’s main page, but the search button fails. When I ran the php file “newvars.php” it copied “galleryplanet.htm” to the same folder which in turn points to ANOTHER porn site. I wonder how Google will defend themselves?

Google is working fine for me…No porn on my monitor…

I tried and it’s working fine. It’s just I also read somewhere that google is very decentrilized- they have web servers all over the world and they use some algorithm to determine the closest server. I live in the western US. Maybe someone simply is hacking one of their ‘outposts’?

At the bottom of the page it says “Apache/1.3.29 Server at Port 80”. If you want to see, you could http to that ip address. doesn’t seam to be owned by google.
I would guess that it is you that have spyware, that replaces google with that site.
Download spybot s&d, update the definition file, and run it. that usually gets rid of such things. Change browser to Firefox so that it won’t happen again.

changing your hosts file probably

google’s distributed thing is akamai, they aren’t the only one that use it

essentially they have servers all over, and the dns servers return the nearest akamai server [which is predetermined. and you usually speak to a nearby dns server as opposed to one halfway across the planet], as opposed to the main one.

I http’d to on 80 and I got the same thing you were talking about RipSting.

I have spybot search and destroy installed (yes I’ve updated the definition file) and I just ran it… same thing as before.

me too. And I don’t have anything going on. That may be an internal error.

Google is fine for me, no problems that I can see. :expressionless:

did you try that address?
i don’t know what that is. And works fine.

Well there were entries in hosts that pointed and to that ip address. So my browser WAS hijacked. I cleared that and ran both Adaware (found only tracking cookies) and SpyBot (found nothing). Not sure how they got to my computer other than remote desktop, and the webserver that I run to debug .NET web apps.

Now it seems like the infection has spread. Media Player got messed with and booting takes forever once windows has loaded. Some processes are running that weren’t there before. I used Windows Restore to go back about a week, so hopefully that will fix those issues.

When I try to go to google now it’s not displaying any page at all. works still, so maybe I’ll just have to switch to that. Oh… I can get to though. Maybe now would be a good time to redo my computer :o

I wasn’t clear: I think that a program(or a setting in the hosts file) at your computer redirects to thet ip, and since that ip had very little information, and nothing that connects it to google I would guess that it is from the same people that made that redirection, So if you go to the ip directly everyone should get that fishy site, but only RipSting are redirected to it when trying to get to

I’m installing firefox right now. Haven’t tried anything other than IE- which is obviously full of security holes.

go firefox!

Of all the things they could put up there they put pr0n… %|

What’s the easy way to bomb their server???


Contact a terrorist?

lol, ping flood

You know, other browsers are probably more vulnerable, just less exploited because of their lesser popularity. Just going on a whim here… Linux has tons of security holes too, despite what you might think to the contrary. Hackers don’t target it nearly as much because of it’s popularity among the coding community.

But since firefox is not as integrated with the os as IE it is safer. Wether linux is safer I do not know, but i think that usually the defaults are safer.
And in wich case: as of now firefox is very safe, it maybe will change in the future, but it’s still not probable that the default settings will be as insecure as IE’s.

Say that to Apache (versus IIS)… Or maybe you really think IIS got more market share than Apache?