Homebrew PeggleCrew Hijacking /r/3dshacks Subreddit

[Metab]

This just means some mod was stupid enough to get infected, and then found out he had access to mod tools on a sub reddit. They didnt 'target' this scene, its just they stumbled upon it.

 

[chaoskagami]

It's back to normal now, but what I want to know is what exactly did they insert into the page and do we need to be worried about possible driveby exploits?

If anything this can only affect serverside rather than reader side. Reddit will always have a cached copy but it wont change the fact that unless they find out who's compromised, it wont stop.

Actually, I didn't get the time to analyze that image, but there's nothing preventing it from being an image-based exploit. Remember libtiff on the PSP?

 

[The Real Jdbye]

If anything this can only affect serverside rather than reader side. Reddit will always have a cached copy but it wont change the fact that unless they find out who's compromised, it wont stop.

Anything that is sent to the client side has the potential to affect the client side if they make use of driveby exploits. Basically driveby exploits are exploits in software on the client side which once an infected page is visited can be used to install malware without the user's knowledge or consent.
I didn't get a chance to have a look at the source code of the part they added or the image itself, which is why I'm wondering.

 

[chaoskagami]

The reddit is back, by the way, but it's still named @PeggleCrew. Assume it is still compromised.

 

[Misledz]

Actually, I didn't get the time to analyze that image, but there's nothing preventing it from being an image-based exploit. Remember libtiff on the PSP?

Similar to the one on devhook days? If so then yeah, but Chrome for some reason can sort out these kind of exploits so Im not so worried. If Im having a hard time getting exploit pages to run on chrome than on my Wii U, then I guess Google's doing a good job

 

[chaoskagami]

Similar to the one on devhook days? If so then yeah, but Chrome for some reason can sort out these kind of exploits so Im not so worried. If Im having a hard time getting exploit pages to run on chrome than on my Wii U, then I guess Google's doing a good job

Exploits in chrome require ROP. Memory protection. And on top of that, you also have to get out of the sandbox. Firefox, on the other hand...you may want to turn off JIT.

Also, the 3DS and WiiU technically are WebKit, not Blink.

 

[The Real Jdbye]

Similar to the one on devhook days? If so then yeah, but Chrome for some reason can sort out these kind of exploits so Im not so worried. If Im having a hard time getting exploit pages to run on chrome than on my Wii U, then I guess Google's doing a good job

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.

Exploits in chrome require ROP. Memory protection. And on top of that, you also have to get out of the sandbox. Firefox, on the other hand...you may want to turn off JIT.

Also, the 3DS and WiiU technically are WebKit, not Blink.

I have NoScript and reddit.com is disabled on it, is that good enough? (Firefox though)

 

[chaoskagami]

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.

Yeah, I doubt it. Though there's nothing stopping them from targeting fixed exploits in hope someone hasn't updated.

 

[Misledz]

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.


I have NoScript and reddit.com is disabled on it, is that good enough? (Firefox though)

Exploits in chrome require ROP. Memory protection. And on top of that, you also have to get out of the sandbox. Firefox, on the other hand...you may want to turn off JIT.

Also, the 3DS and WiiU technically are WebKit, not Blink.

I have learned much today. Thanks Sensei's

 

[chaoskagami]

Browser devs make continuous efforts to block known exploits, but there are always new ones being found that aren't publicly known yet, so you're not protected from everything. Even antivirus, firewall and antispyware software won't protect you from everything.
These people seem like just your average skiddie though, so they probably wouldn't have access to unpatched exploits, but you never know.


I have NoScript and reddit.com is disabled on it, is that good enough? (Firefox though)

For scripts, yes. Not images.

 

[Joom]

...HAHAHAHAHAHAHAHA! Remember kids, don't use your browser's built in password saver.

 

[Kioku]

A subreddit was hijacked by a mod. I highly doubt it was some genius hacker that actually has a clue.

 

[chaoskagami]

...HAHAHAHAHAHAHAHA! Remember kids, don't use your browser's built in password saver.

And remember: use a combination of capital/lowercase letters, numbers, symbols and use more than two words!

 

[Deleted User]

I don't use reddit. So nothing was lost on my end.

 

[The Real Jdbye]

For scripts, yes. Not images.

I doubt they found some image exploit, but I wasn't actually able to save the image to have a look at it (the option wasn't there in the right-click menu, probably because it used some weird CSS or JS as I've experienced the same problem on other sites, even here on GBAtemp) so I can't know for sure. I just tend to be paranoid about computer security (and most other things )

 

[Joom]

A subreddit was hijacked by a mod. I highly doubt it was some genius hacker that actually has a clue.

Or some script kiddy with a RAT, and the mod was dumb enough to download an infected binary.

 

[XxShalevElimelechxX]

How much did Nintendo paid for them to do this?

NINTY dollars

 

[Ricken]

And remember: use a combination of capital/lowercase letters, numbers, symbols and use more than two words!

I have a txt that contains all my random character passwords and a 19 digit password on the zip. None of the random passwords are labeled.
FITE ME

 

[chaoskagami]

I have a txt that contains all my random character passwords and a 19 digit password on the zip. None of the random passwords are labeled.
FITE ME

Better than a closed source password management tool or a browser plugin.

I hope you're using AES and not ZipCrypto, though.

 

[Pokéidiot]

NINTY dollars

ninty satoriillions of dollars