Malicious Attack
- HM Silverbane
- New Seedling
- Posts: 49
- Joined: May 29, 2010 7:05 am
just got pinged by it when i got here a moment ago. its still there guys.
i have ushi's off topic section saved, so i go directly there (bookmark i mean) and when i clicked 'board index' avast pinged me and warned it had stopped a malicious redirect. click back page and then click board index again and all is (seemingly) well.
i have adblock plus, and its popup blocker component aswell, if this helps
(avast flashed it up too fast for me to read it, sorry)
i think something is moving about in the site somehow still
i have ushi's off topic section saved, so i go directly there (bookmark i mean) and when i clicked 'board index' avast pinged me and warned it had stopped a malicious redirect. click back page and then click board index again and all is (seemingly) well.
i have adblock plus, and its popup blocker component aswell, if this helps
(avast flashed it up too fast for me to read it, sorry)
i think something is moving about in the site somehow still
I got it twice already I didn't get the banners the first time but this time around it was a sign up for xfinity triple play and android phones for sale now from AT&T on the Harvest Moon A New Beginning Main Page. I also have a popup blocked which I'm not checking <<;; sorry. Maybe this information helps a bit.... I have somewhat more detailed info from Norton but I'd rather not post it so if it helps I'll send it to you privately later if you need it let me know.
-
- Crazy Cow Herder
- Posts: 192
- Joined: Oct 26, 2009 7:51 pm
- Terranigma Freak
- Ultimate Farming Fanatic
- Posts: 1401
- Joined: Oct 31, 2000 8:07 am
You will want to clear your browser cache and (tracking) cookies, and then do a scan for malware on your computer.
Or, you could simply be a tad more specific. I can check logs if you actually give details, but the site has been scanned and tested multiple times over the past week and nothing comes up. Being that it isn't affecting everybody who accesses the same data on the site, it may of been a malicious banner ad that has since been yanked and now there's just clean-up to do on local machines.
Or, you could simply be a tad more specific. I can check logs if you actually give details, but the site has been scanned and tested multiple times over the past week and nothing comes up. Being that it isn't affecting everybody who accesses the same data on the site, it may of been a malicious banner ad that has since been yanked and now there's just clean-up to do on local machines.
-
- UNoT Extreme Mooomber
- Posts: 14241
- Joined: May 23, 2002 3:48 am
Cher, I keep being redirected to this. No script blocks it.
http://liskjy.eu/index.php?r=d3FqYXp0aj ... MwMjhjZg==
That's just happened when I clicked on the backfence. No idea what it is, because I'm not okaying it on noscript!
http://liskjy.eu/index.php?r=d3FqYXp0aj ... MwMjhjZg==
That's just happened when I clicked on the backfence. No idea what it is, because I'm not okaying it on noscript!
-
- Crazy Cow Herder
- Posts: 192
- Joined: Oct 26, 2009 7:51 pm
That's one of the links I was redirected withMadame Madie wrote:Cher, I keep being redirected to this. No script blocks it.
http://liskjy.eu/index.php?r=d3FqYXp0aj ... MwMjhjZg==
That's just happened when I clicked on the backfence. No idea what it is, because I'm not okaying it on noscript!
I'm gonna run a thorough scan later
-
- Custodian of Corn
- Posts: 436
- Joined: May 15, 2012 6:53 am
I haven't received warnings about malicious attacks or redirects, but I did just get a security warning on my phone after I clicked on page 235 of the Witch Princess fanclub in posting games. I copied it onto a piece of paper.
Then I hit view certificate.Warning wrote:The name of the site does not match the name on the certificate.
Now I hit page info.Warning wrote:Issued to:
Common name: *google.com
Organization: Google Inc.
Organizationl unit:
Validaty:
Issued on: Dec 06, 2012
Expires on: Jun 07, 2013
Warning wrote:Ushi No Tane - Harvest Moon - view topic - ~The Witch Princess Fanclub~ "Write a Poem About Joe!"
Adress: http://www.fogu.com/hmforum/viewtopic.p ... start=3510
-
- Crazy Cow Herder
- Posts: 192
- Joined: Oct 26, 2009 7:51 pm
- midnighttherabbit
- Carrots... yum
- Posts: 545
- Joined: Aug 06, 2012 12:00 am
- Contact:
I normally have a page for guides up & open and it suddenly magically changes to a porn page on me as well
Usually happens when I'm away from my laptop too....
it's usually a page called hardcore xxx tube but I've gotten some others as well....but every time I've gotten it I clear almost everything in history (cache, cookies, the whole shebang) run 3 different adware/malware scanners and it never finds anything.
It just appeared for me again within the past few hours or so (haven't touched/looked at this thing since 10 hours ago though....) so I guess I gotta do a bunch of scans again and try not to leave my tabs open to ANYTHING on this site now that I've seen several others have this issue..........
Usually happens when I'm away from my laptop too....
it's usually a page called hardcore xxx tube but I've gotten some others as well....but every time I've gotten it I clear almost everything in history (cache, cookies, the whole shebang) run 3 different adware/malware scanners and it never finds anything.
It just appeared for me again within the past few hours or so (haven't touched/looked at this thing since 10 hours ago though....) so I guess I gotta do a bunch of scans again and try not to leave my tabs open to ANYTHING on this site now that I've seen several others have this issue..........
Okay, I just got this
And I just clicked on the "view active topics" if that's of any help.[/color]
Code: Select all
http://015009130110005230567436cfaf9a4d6f028721eec5608.jkwypk.eu/sort.php
I believe this is the aforementioned "black hole" attack I have mentioned earlier, which apparently is now in this entire website, and strikes randomly so that it can't be easily traced without prepared detection. In order to avoid it, either have a strong antivirus (most commercially popular ones should protect against the common variety) or be able to use noscript (plugin for browsers like firefox) in order to stop the redirect to the bad site.