[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bulgarian Pirate Site Scare



PureBytes Links

Trading Reference Links

Hi everyone

After reading one too many posts about this site www.bulgaria.com/people/fx25/product.htm 
I went to see it myself. Here are some of my thoughts which should alleviate 
a lot of fears people had about their systems getting infected.

It appears that the authors of the site have used some JavaScript code to 
scramble the source of their site. Usually it would be done to protect the 
design elements of the HTML code so people would not steal their code (if 
the site had any redeeming value) - but why in their case is unclear to 
me. One can usually "see" the HTML code of any web site by right clicking 
in the page and selecting View Source option. 

Furthermore, the code is optimized for MS Internet Explorer and is displayed 
very poorly in Navigator. That is why some people could not see the page 
properly. If viewed with IE it will not allow you to see the source of the 
page. Right click on it and it will give you "Forbidden" response.

In addition, they are collecting standard info on the web page visitors 
- where you came from, your video resolution, etc. 

It appears to be pretty innocent - but without being able to see all of 
the JavaScript code one can never know for sure. I have been on this page 
number of times and even tested some files from the site. There appears 
to be no trojan programs or virii being executed on the system. 

I do have both hardware and software firewall as well as ZoneAlarm which 
noticed no unusuall activity.

In conclusion, I think that the person reporting programs executing on his 
sytem saw the following code and got scared not really understanding it 
fully.

	<SCRIPT LANGUAGE="JavaScript">
	<!--
	function Decode() {
	
It is good that he tried to warn all of us - but it might have scared a 
lot of people unnecessarily.

If you wish to prevent any malicious JavaScript code executing on your system 
check your Options or your Security settings (use maximum). Use online HELP 
section of each browser (that topic is beyond the scope of this discussion).

Lee