imfdb.org

imfdb.org (http://forum.imfdb.org/index.php)
-   imfdb (http://forum.imfdb.org/forumdisplay.php?f=5)
-   -   Reported Attack Site (http://forum.imfdb.org/showthread.php?t=2112)

The Wierd It 12-24-2012 01:35 AM

Reported Attack Site
 
For whatever reason Firefox has started trying to tell me that IMFDB is an attack site.

Has anyone else had this warning, and what can we do about it?

Mr.Ice 12-24-2012 02:46 AM

Yeah I have the same problem but I just choose the ignore warning option and ran a virus scan which showed no problems for me.

Rockwolf66 12-24-2012 03:35 AM

Google is giving a warning about this site. Bunni needs to run a virus sweep of both our site and the adds then get us re registed as being clean.

I'm guessing that we got some bad code in an ad and got the whole site dinged for it.

Excalibur 12-24-2012 03:45 AM

Yeah I got the warning too and I clicked ignore. Everyone do a virus scan right now

Rockwolf66 12-24-2012 05:12 AM

My scan is clean. Notice how they don't tell you where they found the "Virus" on a site if you are an Admin for that site?

zackmann08 12-24-2012 05:57 AM

We are aware of the issue and are working to find a solution ASAP. Sorry guys!!

bunni 12-24-2012 07:29 AM

Quote:

Originally Posted by Rockwolf66 (Post 37289)
Google is giving a warning about this site. Bunni needs to run a virus sweep of both our site and the adds then get us re registed as being clean.

I'm guessing that we got some bad code in an ad and got the whole site dinged for it.

This is also my best guess at the moment as everything seems clean after check all the usual suspects. Google is reporting malicious code from outside domains, which would suggest an ad, if the software or server was compromised the malware would be store locally... Funnyjunk.com was also hit with similar malware warnings from similar domains (that's the only thing turning up in google searches for the domains attributed to the malware by google) so I'm thinking they were hit with the same malicious ad.

I've disabled ads for now and requested google review the site and remove the block.

So here is a warning on another site with the same domain, rltk.us, but here it also implicates openx.net as being the source - which ads more evidence to the 'bad ad' hypothesis.

Quote:

What is the current listing status for www.satelliteguys.us?
Site is listed as suspicious - visiting this web site may harm your computer.

What happened when Google visited this site?
Of the 96 pages we tested on the site over the past 90 days, 8 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-23, and the last time suspicious content was found on this site was on 2012-12-23.
Malicious software includes 2 exploit(s).

Malicious software is hosted on 3 domain(s), including bono.is-found.org/, erikss.dyndns-at-home.com/, rltk.us/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including openx.net/, rltk.us/.

This site was hosted on 2 network(s) including AS32244 (LIQUID), AS15169 (Google Internet Backbone).

bunni 12-24-2012 09:03 AM

Ok, I've removed all ads and cleared all cached page on the site so that hopefully in a few hours once the google bot comes back through we get a clean bill of health.

bunni 12-24-2012 01:51 PM

Quote:

Status of the latest badware review for this site: A review for this site has finished. The site was found clean. The badware warnings from web search are being removed. Please note that it can take some time for this change to propagate.
Yay, looks like we're clean again (:

The Wierd It 12-24-2012 01:53 PM

Confirmed.


All times are GMT. The time now is 10:28 AM.

Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.