Malicious Attack
-
- Huggy Chickens
- Posts: 307
- Joined: Nov 13, 2012 5:07 pm
- Contact:
-
- Anonymous Fish
Even if you have an ad blocker it still will redirect you. This has affected me before and I thought it was just me because I didn't notice anybody else post about this. I have a good anti-virus on my computer (sunbelt VIPRE). I have deep-scanned my computer and found nothing. On top of that my computer is automatically set to do a quick-scan every night.
I usually receive the redirects when I click on the portal at the top here for the update page since the forum is bookmarked for me.
I've gotten random pages before and even gotten redirected to a porn website :/ I tend to keep away nowadays.
I usually receive the redirects when I click on the portal at the top here for the update page since the forum is bookmarked for me.
I've gotten random pages before and even gotten redirected to a porn website :/ I tend to keep away nowadays.
- Ru-Ne Ni-Chaan
- Ultimate Farming Fanatic
- Posts: 1216
- Joined: Nov 03, 2011 12:34 am
- Raven Mist
- Spinich Bodyguard
- Posts: 626
- Joined: Oct 09, 2005 7:07 pm
A friend posted this on another forums, in a thread we both frequent. If everyone who's having the issue has updated java then maybe that's it?Vann Borakul wrote:I was redirected to porn after clicking the back fence o_O
My OS is like a day old
I think it happened right after the website told me a plugin on this website said I needed to install a java runtime environment thing. I'm pretty sure the redirect happened before it finished
I can PM the urls or something if that helps. The URLs are gibberish, but link to ushi
edit: Also I've run into the issue (minus the porn site redirect) but only when I google ushi no tane and try to get to the ANB page from there. And only the ANB page, all other ushi no tane pages I get to from google don't give me the issue.[align=center]HEY GUYS
Friendly PSA from your local computer nerd![/align]
There's a really bad exploit for Java that was released into the wild that uses a known security hole in order to remotely install software on your machine. This means that someone could install and run software on your computer without you even knowing about it. Everyone who uses Windows should disable Java on all of their internet browsers ASAP.
Here's some more information:
http://www.us-cert.gov/cas/techalerts/TA13-010A.html
http://www.kb.cert.org/vuls/id/625617
http://news.yahoo.com/government-warns- ... ector.html
Some websites are gonna look really ugly with Java turned off, but this is better than getting your files deleted or your personal info compromised. Oracle (the company who makes Java) has known about this since August last year and has blown off fixing it.
I'm running AdBlock (sorry, I don't trust ad serving domains and this is exactly why, I would rather just hand my money over directly) and NoScript. I have not installed anything Java related beyond the runtime itself. The only Java application I've run is Minecraft, and no one I know who plays it is running into this issue. NoScript is configured to not run any embedded Java unless I authorize it, and I have not done so at all yet.Yaneci wrote:A friend posted this on another forums, in a thread we both frequent. If everyone who's having the issue has updated java then maybe that's it?
All scans come up clean. Yes, I realize that's not an absolute confirmation, but I am only ever encountering these redirects on the fogu.com domain, nowhere else. I browse quite a bit, it's not coincidental.
Here's a probably full list of addresses I've been redirected to:
Spoiler:
Spoiler:
Last edited by Saikatsu on Jan 13, 2013 7:13 pm, edited 1 time in total.
-
- UNoT Extreme Mooomber
- Posts: 2102
- Joined: Jun 01, 2010 6:28 am
-
- Huggy Chickens
- Posts: 323
- Joined: Jan 09, 2009 1:50 pm
So this is why I've been getting more notifications from my antivirus about blocked port scans. I was wondering why the number suddenly seemed to jump.....
It certainly seems like someone is out to get fansites lately. Pokejungle got hacked a few months back, Bulbapedia just a few weeks ago, and now Ushi.
It certainly seems like someone is out to get fansites lately. Pokejungle got hacked a few months back, Bulbapedia just a few weeks ago, and now Ushi.
-
- UNoT Extreme Mooomber
- Posts: 2102
- Joined: Jun 01, 2010 6:28 am
-
- Carrots... yum
- Posts: 516
- Joined: Nov 26, 2011 12:44 pm
- Contact:
-
- UNoT Extreme Mooomber
- Posts: 2102
- Joined: Jun 01, 2010 6:28 am
It says right in the error where that is from. It isn't even the same urls we're dealing with.SilverFire wrote:Spoiler:
port scans have nothing at all to do with this issue.Kitana Coldfire wrote:So this is why I've been getting more notifications from my antivirus about blocked port scans. I was wondering why the number suddenly seemed to jump.....
On the one machine that I was able to replicate on, it has been redirect/porn free for the past 4 days after I cleared Firefox cache, cookies, and browsing history. Typically the .eu redirect occurred once per day, but nothing has triggered since I wiped the history. I could never get it to trigger in IE.
If you're getting the redirect, clear those three datafields from your browser.
-
- Huggy Chickens
- Posts: 323
- Joined: Jan 09, 2009 1:50 pm
Huh, really? I figured they were connected since the scan notifications tended to follow the site attempting to redirect, but maybe I'm mistaken. If so, I apologize for my erroneous thinking. This college wifi is odd. ^^;Cherubae wrote:port scans have nothing at all to do with this issue.Kitana Coldfire wrote:So this is why I've been getting more notifications from my antivirus about blocked port scans. I was wondering why the number suddenly seemed to jump.....
On the one machine that I was able to replicate on, it has been redirect/porn free for the past 4 days after I cleared Firefox cache, cookies, and browsing history. Typically the .eu redirect occurred once per day, but nothing has triggered since I wiped the history. I could never get it to trigger in IE.
If you're getting the redirect, clear those three datafields from your browser.
Regardless, my firewall just takes me to a blank page when the attempted redirects happen, though I don't think it's attempted again since I turned AdBlock back on.
I cleared that stuff from my browser a few days ago and thought it would fix it. It did seem like it went away because I went a whole, like.. day and a half without getting that anymore.
However just now I got
I'll try clearing my stuff again right now and let you know if it happens again.[/color]
However just now I got
Code: Select all
http://70878435736e2563015009130116010750259946cfaf9a4fed1f986c90deb03.ctsau.com/sort.php