Today a new alert came up for messenger users, especially GMail users. Infection happens once the user visits the website address sent by the infected user automatically.
just stole your cookies! Get them back here http://i.heysan.com/rHCFOQgX
Also there is a case where the message automatically changes while sending to different user. The best step you may take as counter measure would be avoid clicking on the link. There is no update till with any Anti-Viruses or Internet Security services.
Heysan.com is a website that provides social messaging service to the world, similar to Ebuddy IM Service. This serious vulnerability will drastically affect their service, thats very sure. We have sent an email to the administration team about this infection. lets hope for the solution…
Related Posts :
URL: http://www.v4uindia.info UPDATE: SITE INFECTION CLEARED. SITE IS RECOMMENDED TO VIEW NOW ...
Twitter seems to be among the favorites of cyber criminals. They're increasingly using this soci ...
Visiting this site may harm your computer and this alert triggered by google as well as firefox. ...
One of the newly started institution in Erode District (Tamilnadu, India) website infected by so ...
Which third parties can access sensitive data that users post on Facebook, such as email address ...
Thank you very much. I had a got a suspicious msg ”Person-I-know has uploaded your photo. Click on the link http://i.heysan.com/YEyw4Sy4 to see it!” Good I didn’t click it. All thanks to your warning….
Thanks,
Meenal A. Mukadam
Hmmm… I got this message twice today itself… But clicking on the link doesn’t cause any file download or any apparent danger… or does it??
Dear Pulkit, look there is any change in the Gmail Contacts or lists. If there is any change then try to completely remove the web browser and install it again.
Which web browser you are using ?
———–
Dear Meenal Mukadam, you are welcome. Keep visiting the EH Site for more Free Security Tips and Tweaks.
Thanks for telling us silic0n…………………….
Thank god I never used messengers other than MSN,YM and Gtalk on pc
yah this is security bug there in there website, so dnt click on those links
Guess Mac/Linux Users could not be affected.
Heysan is not a virus or a fishing site, heysan is a mobile IM site that enables users to use their IM on their phone. When you sign in to heysan, there is an option to let your friends know that you did or to sign in without doing so. Heysan does not install anything on your computer or phone, heysan does not abuse your login credentials to spam your contacts, heysan does not sell or in any way share your private information with anyone – all stated in our terms of use and privacy statements. More importantly, heysan is a loved service and have a large, highly engaged community on top of the utility of mobile IM. Check it out, you might end up liking it.
Thanks for your reply marie. Here the sample screenshot we got while testing your site. Please look into it. i have contacted your team via contact us page.
http://www.pix89.com/images/44pxiihgu16vahufvqop.jpg
who cares Marie !
your site’s fame is no more !!! People have to think twice before using heysan and other untrusted IM services again.
Marie,
The person from whom I got the msg hadn’t uploaded any photo of mine. And I was suspicious for two reasons:
1) I’m a pentester. So I knew the inherent risk involved in clicking that link.
2) I don’t know the persn directly and neither does that person had any photo of mine to upload.
3) When I asked the person he said he hadn’t uploaded any pic neither did he send me a link.
So u need to look up and test the Integrity of your application before people lose trust in it….
Meenal A. Mukadam
Thats perfect
Marie/ Hmm. You posted the same message on another website where someone pointed out this same problem. A paid poster? As a person who has been seriously affected by your mischievous recruiting method, I can testify that these “spams” are being sent out regardless of whether you opt out or not, i.e. ppl on your list get spams even when you choose not to invite anyone. You say, “heysan does not abuse your login credentials to spam your contacts, heysan does not sell or in any way share your private information with anyone”, maybe you did not mean to, but I can prove that my login credentials HAVE been abused to spam my contacts.
Thank you Robin
Wow, it only ‘spams’ if you send a user on your contact list an IM. It also sends a user on your contact list if you invite them to Heysan. And, Marie isnt a paid poster, she works at heysan.
I’ve used it for about a year now, and nothing has happened. Your phishing detector (or whatever) only alerts you because the service hasnt been up for that long and it seems like its trying to phish you… <3 Kevin