Malware Warning
#21
I'm gonna bet it was from one of the banner ads.
Reply
#22
I just received another warning,
Mal/Iframe-AD

Aliases

* Trojan-Downloader.JS.Iframe.bxs
http://www.sophos.com/en-us//threat-cent...ame-F.aspx


Mal/Iframe is a nasty malware that is designed to spread throughout the Internet. Mal/Iframe is a textbook example of a dangerous Web threat that hijacks and exploits vulnerable sites not considering whether the content is about cookery or pornography. In addition, hackers may embed Mal/Iframe into e-mails using HTML to exploit users.

As we all know, compromised sites play an important role in web distributed malware, acting as the conduit, guiding user traffic to further malicious content. Sometimes, the attackers get lucky, and succeed in compromising a high profile, popular site. Another way to increase the number of users exposed to the attack is to compromise advertising content, thereby exposing all users of any 3rd party sites that happen to load the ads.

Late yesterday evening, we started to see evidence of such an attack - Sophos products were blocking certain ad content as Mal/Iframe-U.

Reply
#23
(10-13-2011, 01:54 AM)kgasso Wrote: Should be all fixed up. Appears another site on the host's server may have been compromised, and possibly was able to affect ours via a bug in the web server software. Still looking into that though.

Please let me know if you get any more warnings / alerts.

Thanks!

!


Thank you so much, Kam.
Ive sometimes fantasized about having a forum, but if something like this were to happen to it, I would be up the proverbial creek.
I don't know what: "It took me two hours to even duplicate it" means! Much less, how to fix it!
Thanks again, Big Daddy. Wink
Reply
#24
That's what internet hosting companies are for. You make them deal with it, or move the site to another one. Plus, maybe don't take ads. Smiling
Reply
#25
I'm still getting the warning when I come in through the front page.
Reply
#26
Strange. Any chance you can to clear your browser cache and try again?
Reply
#27
I don't know if the Malware infected my router but I had to reset my router completely back to the beginning this morning. I could not access any https sites.
Reply
#28
As long as I know you're in there, Kam, something I notice on another forum is there are links at the bottom of the page as well as at the top. I wonder why these items: "* Open Buddy List * View New Posts* View Today's Posts * Private Messages (Unread 0, Total 924" aren't also duplicated at the bottom, it would save everybody from scrolling back to the top of each page that way. Or, perhaps the program software is designed to give us a second look at the ads instead? Smiling
Reply
#29
(10-13-2011, 08:26 AM)Wonky Wrote:
(10-13-2011, 08:17 AM)kgasso Wrote: The interesting thing about it... it was fairly random as to whether or not it triggered, so it took me almost 2 hours to even duplicate it.

If we haven't done so lately, thanks KAM for your good and constant attention. Of course, considering the high dues we pay monthly we expect no less. Laughing

Ditto! Kam you rock!

Reply
#30
(10-13-2011, 12:27 PM)PonderThis Wrote: That's what internet hosting companies are for. You make them deal with it, or move the site to another one. Plus, maybe don't take ads. Smiling
Most of them won't deal with issues on user-installed software (like the bulletin board), just their own server software. Probably going to move this site to a VPS sooner or later just for more control over the installed software versions, and since I'd prefer to use the NGINX web server over Apache.

(10-13-2011, 06:30 PM)rainylady Wrote: I don't know if the Malware infected my router but I had to reset my router completely back to the beginning this morning. I could not access any https sites.
Haven't heard anything of that, maybe was just a router glitch?

(10-13-2011, 07:04 PM)PonderThis Wrote: As long as I know you're in there, Kam, something I notice on another forum is there are links at the bottom of the page as well as at the top. I wonder why these items: "* Open Buddy List * View New Posts* View Today's Posts * Private Messages (Unread 0, Total 924" aren't also duplicated at the bottom, it would save everybody from scrolling back to the top of each page that way. Or, perhaps the program software is designed to give us a second look at the ads instead? Smiling
Will see what I can do this weekend (changing the templates can be a scary thing, CSS is a fickle beast).

(FYI, I'm gonna axe the ads on the "new topic" and "post reply" page when I do this, they're annoying and in a terrible place)
Reply
#31
I was just perusing different threads on RVF (with Chrome) and got a warning:

Quote:Warning: Something's Not Right Here!

www.roguevalleyforum.com contains content from www.mudtrap.com, a site known to distribute malware. Your computer might catch a virus if you visit this site.

Google has found malicious software may be installed onto your computer if you proceed. If you've visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.

We have already notified www.mudtrap.com that we found malware on the site. For more about the problems found on www.mudtrap.com, visit the Google Safe Browsing diagnostic page.
Reply
#32
(08-31-2012, 04:43 PM)Scrapper Wrote: I was just perusing different threads on RVF (with Chrome) and got a warning:

Quote:Warning: Something's Not Right Here!

www.roguevalleyforum.com contains content from www.mudtrap.com, a site known to distribute malware. Your computer might catch a virus if you visit this site.

Google has found malicious software may be installed onto your computer if you proceed. If you've visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.

We have already notified www.mudtrap.com that we found malware on the site. For more about the problems found on www.mudtrap.com, visit the Google Safe Browsing diagnostic page.


Sounds spammy/phishy/virus-y to me.
Reply
#33
(08-31-2012, 04:43 PM)Scrapper Wrote: I was just perusing different threads on RVF (with Chrome) and got a warning:

Quote:Warning: Something's Not Right Here!

www.roguevalleyforum.com contains content from www.mudtrap.com, a site known to distribute malware. Your computer might catch a virus if you visit this site.

Google has found malicious software may be installed onto your computer if you proceed. If you've visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.

We have already notified www.mudtrap.com that we found malware on the site. For more about the problems found on www.mudtrap.com, visit the Google Safe Browsing diagnostic page.

I had the same warnings several months ago but only with Chrome My fix, delete Chrome and go back to Firefox. Haven't had any warnings since
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)