Be careful for these hackers.

DeadlyFamous·11/20/2015, 10:39:02 PM·18 votes·5,291 views

So recently, my friend has encountered a hacker, and so did I, he hacked into my friends account, and then use this website logwebz.co.vu/HCTyt9IvafN3lqr//etc ( Full link will not be shown, due to safety for the league community) However the website will start with logwebz.co.vu etc, they use the same login screen for league of legends and stuff, so I wanted to say to everyone to be careful to those who get links like that, they WILL try to take your account. :) so be warned and do not click links.

19 Comments

SurvivorLegend11/20/2015, 11:18:13 PM7 votes

I studied more into this. Virus Total shows a lot of DNS replications. Exploring the page further just shows actually a view counter as it redirects you to a website to set up a view counter on per say your blog. Mostly harmless but is a nuisance. 5 of my friends are "infected" already. As I know of these people have not given a password to anyone, so this guy might have some talent... I'm still trying to find how it occurs. I'll be back IF I find information. :)

SurvivorLegend11/20/2015, 11:36:03 PM4 votes

I did a traceroute: Tracing route to 166.ip-192-99-168.net [192.99.168.166] over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1 2 11 ms 15 ms 10 ms cpe-69-203-8-1.nyc.res.rr.com [69.203.8.1] 3 15 ms 8 ms 14 ms tge-0-10-0-15.flshny0701h.nyc.rr.com [68.173.193.105] 4 17 ms 15 ms 15 ms agg103.nyclnyrg01r.nyc.rr.com [68.173.198.136] 5 12 ms 15 ms 20 ms bu-ether29.nwrknjmd67w-bcr00.tbone.rr.com [107.14.19.24] 6 15 ms 10 ms 14 ms 0.ae0.pr0.nyc30.tbone.rr.com [66.109.6.159] 7 13 ms 11 ms 17 ms ae10.edge3.Newark1.Level3.net [4.68.63.121] 8 14 ms 16 ms 13 ms nwk-1-a9.nj.us [178.32.135.18] 9 21 ms 19 ms 19 ms bhs-g1-a9.qc.ca [192.99.146.99] 10 23 ms 18 ms 23 ms vac3-0-a9.qc.ca.vaccum [198.27.73.245] 11 22 ms 22 ms 24 ms vac3-1-n7.qc.ca.firewall [198.27.73.242] 12 18 ms 23 ms 25 ms vac3-2-n7.qc.ca.tilera [198.27.73.247] 13 24 ms 21 ms 21 ms vac3-3-n7.qc.ca [198.27.73.237] 14 * * * Request timed out. 15 27 ms 23 ms 20 ms 3.ip-192-99-212.net [192.99.212.3] 16 27 ms 24 ms 19 ms 166.ip-192-99-168.net [192.99.168.166]

SurvivorLegend11/20/2015, 11:32:57 PM3 votes

Exploring the home page of the website its a type of Tai Lopez scam stuff. Home page looks like as cover for their subpages and stuff. IP is 192.99.168.166 and does not go straight to the page as misconfiguration so it doesn't look like it is a scam.... Canadian IP?

SurvivorLegend11/20/2015, 11:26:29 PM3 votes

Update: Different links go to different webpages. The first one I received is a view counter and the other one is a replica of the LoL signup page. My friend who has "sent" me this message says he is locked out of his account. Looks like not a nuisance and a serious problem at all... All domains that I know of are registered to the country of Vanuatu an oceanic France influenced island.

Drugoth11/21/2015, 6:57:53 AM2 votes

I wouldn't consider the people who set up these phishing pages to be hackers at all. More like they believe they are somewhat clever and just depend upon the stupidity of others. Either way, make sure you pay attention to what links you are clicking into and you should be fine.

Chicken4dinner11/21/2015, 4:04:12 AM1 votes

Lol, at times I forget industry professionals play league

BakedLotion11/21/2015, 4:12:08 AM1 votes

Why would you be dumb enough to click these links anyway?