Go Back   English Forum Switzerland > Support > Support > Announcements  
Reply
 
Thread Tools Display Modes
  #1  
Old 12.10.2010, 06:37
Junior Member
 
Join Date: Oct 2010
Location: Zurich
Posts: 40
Groaned at 0 Times in 0 Posts
Thanked 21 Times in 13 Posts
Scotty Bob has earned some respectScotty Bob has earned some respect
EF reported as hosting malware [Update: Now fixed]

Just a note to the mods, my browser is reporting the forum as a reported attack site.

Bob
Reply With Quote
The following 6 users would like to thank Scotty Bob for this useful post:
  #2  
Old 12.10.2010, 06:58
naten's Avatar
Junior Member
 
Join Date: Jul 2010
Location: Lugano
Posts: 65
Groaned at 0 Times in 0 Posts
Thanked 51 Times in 24 Posts
naten has made some interesting contributions
Re: EF is comming up as a reported attack site

Here's what Google has to say about the site:

http://safebrowsing.clients.google.c...hrome&hl=en-US

Quote:
What happened when Google visited this site?

Of the 377 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-10-11, and the last time suspicious content was found on this site was on 2010-10-11.
Malicious software includes 3 exploit(s). Successful infection resulted in an average of 7 new process(es) on the target machine.

Malicious software is hosted on 2 domain(s), including thanubalrajh.com/, solidduck.ru/.

3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including openx.org/, ibrla.com/, experteerads.com/.

This site was hosted on 1 network(s) including AS8560 (SCHLUND).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, englishforum.ch did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
Reply With Quote
  #3  
Old 12.10.2010, 07:01
Slaphead's Avatar
Forum Legend
 
Join Date: May 2007
Location: Zürich
Posts: 3,223
Groaned at 34 Times in 30 Posts
Thanked 9,408 Times in 2,870 Posts
Slaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond repute
Re: EF is comming up as a reported attack site

Yep, happened to me just now.



Looks like we've been mistakenly entered onto a malware list somewhere.

If you're running firefox you can bypass this by going to the security tab in the preferences, and unchecking "Block reported attack sites". However depending on your browsing habits this may not be a good idea.

If you're getting this message from your browser it would be good if you could say what your browser is, and operating system.

Camino 2.0.4 (Mozilla), Mac OS 10.6.4.
Attached Thumbnails
ef-reported-hosting-malware-update-now-fixed-screen-shot-2010-10-12-06.44.54.jpg  
__________________
...allegedly.
Reply With Quote
The following 3 users would like to thank Slaphead for this useful post:
  #4  
Old 12.10.2010, 07:04
Guest
 
Posts: n/a
Re: EF is comming up as a reported attack site

Another potential cause is malware within linked ads.
Reply With Quote
This user would like to thank for this useful post:
  #5  
Old 12.10.2010, 07:18
dawiz's Avatar
Forum Legend
 
Join Date: Dec 2006
Location: Ostschweiz
Posts: 4,112
Groaned at 96 Times in 46 Posts
Thanked 2,050 Times in 1,191 Posts
dawiz has a reputation beyond reputedawiz has a reputation beyond reputedawiz has a reputation beyond reputedawiz has a reputation beyond reputedawiz has a reputation beyond repute
What's that? Malware on Englishforum.ch?

somehow, englishforum.ch ended up on Google Chrome's Hacker-Site Blacklist. What's going on here?


Sorry, was already reported here:

http://www.englishforum.ch/forum-sup...tack-site.html
Attached Thumbnails
ef-reported-hosting-malware-update-now-fixed-english-malware.jpg  

Last edited by dawiz; 12.10.2010 at 07:28.
Reply With Quote
  #6  
Old 12.10.2010, 07:20
Mowvich's Avatar
Forum Veteran
 
Join Date: Apr 2007
Location: Genève
Posts: 1,422
Groaned at 28 Times in 20 Posts
Thanked 1,308 Times in 607 Posts
Mowvich has a reputation beyond reputeMowvich has a reputation beyond reputeMowvich has a reputation beyond reputeMowvich has a reputation beyond reputeMowvich has a reputation beyond repute
Re: EF is comming up as a reported attack site

Probably it's this bit of code:

<script> COMSCORE.beacon({ c1:2, c2:7829172, c3:"", c4:"", c5:"", c6:"", c15:"" }); </script> <noscript> <img src="http://b.scorecardresearch.com/p?c1=2&c2=7829172&c3=&c4=&c5=&c6=&c15=&cj=1" /> </noscript>
Part of: www.fullcirclestudies.com
Info and Opt out: http://www.scorecardresearch.com/Priv.html
Reply With Quote
This user would like to thank Mowvich for this useful post:
  #7  
Old 12.10.2010, 07:27
dawiz's Avatar
Forum Legend
 
Join Date: Dec 2006
Location: Ostschweiz
Posts: 4,112
Groaned at 96 Times in 46 Posts
Thanked 2,050 Times in 1,191 Posts
dawiz has a reputation beyond reputedawiz has a reputation beyond reputedawiz has a reputation beyond reputedawiz has a reputation beyond reputedawiz has a reputation beyond repute
Re: EF is comming up as a reported attack site

Happening both on Google Chrome and Firefox under Windows 7. Apparently, they use the same blacklist.
Attached Thumbnails
ef-reported-hosting-malware-update-now-fixed-english-malware.jpg   ef-reported-hosting-malware-update-now-fixed-english-malware2.jpg  
Reply With Quote
  #8  
Old 12.10.2010, 07:34
Guest
 
Posts: n/a
Re: EF reported as hosting malware

Sorry about this.

One of our third-party adservers seems to be serving up malware via their ads.

Our use of that adserver has now been switched off.

This means that EF is now safe to browse.

Unfortunately it will probably take a little while until Google and other malware detectors catch up and clear their warnings. We're working to speed that up.
Reply With Quote
  #9  
Old 12.10.2010, 07:46
Guest
 
Posts: n/a
Re: EF reported as hosting malware

Just happened to me but followed Slaphead's advice and now back to normal...weird morning I tell ya!
Reply With Quote
  #10  
Old 12.10.2010, 07:58
Caviarchips's Avatar
Forum Legend
 
Join Date: May 2010
Location: Basel Stadt
Posts: 3,979
Groaned at 99 Times in 77 Posts
Thanked 6,677 Times in 2,388 Posts
Caviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond repute
Re: EF reported as hosting malware

Quote:
View Post
Just happened to me but followed Slaphead's advice and now back to normal...weird morning I tell ya!
May be an idea to turn it back on soon though.....somebody hosting something did something that they shouldn't have done and the software on your PC caught it.....I wouldn't leave it switched off to be honest
Reply With Quote
This user would like to thank Caviarchips for this useful post:
  #11  
Old 12.10.2010, 08:01
Serafina's Avatar
Forum Veteran
 
Join Date: Jun 2009
Location: Canton Geneve
Posts: 504
Groaned at 1 Time in 1 Post
Thanked 230 Times in 153 Posts
Serafina has earned the respect of manySerafina has earned the respect of manySerafina has earned the respect of many
Re: EF reported as hosting malware

Safari is putting up this warning on every single click within the site. Must figure out how to turn that off specifically for this site...
ef-reported-hosting-malware-update-now-fixed-screen-shot-2010-10-12-7.56.04-am.jpg
Reply With Quote
  #12  
Old 12.10.2010, 08:34
Wingnut's Avatar
Junior Member
 
Join Date: Dec 2007
Location: Zurich
Posts: 81
Groaned at 0 Times in 0 Posts
Thanked 36 Times in 22 Posts
Wingnut has earned some respectWingnut has earned some respect
Re: EF is comming up as a reported attack site

[QUOTE=Mowvich;974530]Probably it's this bit of code:

<script> COMSCORE.beacon({ c1:2, c2:7829172, c3:"", c4:"", c5:"", c6:"", c15:"" }); </script> <noscript> <img src="http://b.scorecardresearch.com/p?c1=2&c2=7829172&c3=&c4=&c5=&c6=&c15=&cj=1" /> </noscript>
Also, on older browsers (IE6 for example), every page load throws a javascript exception on COMSCORE right now which causes a few annoying popup messageboxes.
Reply With Quote
  #13  
Old 12.10.2010, 08:36
CheesyKiwi's Avatar
Forum Veteran
 
Join Date: Nov 2009
Location: Basel, Bruderholz
Posts: 509
Groaned at 3 Times in 3 Posts
Thanked 363 Times in 160 Posts
CheesyKiwi has a reputation beyond reputeCheesyKiwi has a reputation beyond reputeCheesyKiwi has a reputation beyond reputeCheesyKiwi has a reputation beyond repute
Re: EF reported as hosting malware

This means that EF is now safe to browse.

Phew, for a moment there I thought it was not safe to browse.

CK
Reply With Quote
  #14  
Old 12.10.2010, 08:38
vwild1
 
Posts: n/a
Re: EF reported as hosting malware

Quote:
View Post
This means that EF is now safe to browse.
For you own safety (and sanity) please avoid the "where can I buy brown sugar" threads..
Reply With Quote
The following 8 users would like to thank for this useful post:
  #15  
Old 12.10.2010, 08:54
Caviarchips's Avatar
Forum Legend
 
Join Date: May 2010
Location: Basel Stadt
Posts: 3,979
Groaned at 99 Times in 77 Posts
Thanked 6,677 Times in 2,388 Posts
Caviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond reputeCaviarchips has a reputation beyond repute
Re: EF reported as hosting malware

Quote:
View Post
Sorry about this.

One of our third-party adservers seems to be serving up malware via their ads.

Our use of that adserver has now been switched off.

This means that EF is now safe to browse.

Unfortunately it will probably take a little while until Google and other malware detectors catch up and clear their warnings. We're working to speed that up.
Well....thats good to know.....but why did it take Google and reports from the users to highlight it to the Admin team.....aren't there systems at your end to stop users being put at risk through the EF site?

Just wonderin'
Reply With Quote
  #16  
Old 12.10.2010, 08:55
cmirsky's Avatar
Forum Veteran
 
Join Date: Aug 2009
Location: Basel CH
Posts: 576
Groaned at 3 Times in 2 Posts
Thanked 1,038 Times in 323 Posts
cmirsky has a reputation beyond reputecmirsky has a reputation beyond reputecmirsky has a reputation beyond reputecmirsky has a reputation beyond reputecmirsky has a reputation beyond repute
Re: EF reported as hosting malware

Quote:
View Post
For you own safety (and sanity) please avoid the "where can I buy brown sugar" threads..
Or the "Is this enough to live on.." threads...
Reply With Quote
The following 3 users would like to thank cmirsky for this useful post:
  #17  
Old 12.10.2010, 08:56
Guest
 
Posts: n/a
Re: EF reported as hosting malware

@CaviarChips, it's a fair point.

We blindly trusted the ad servers not to serve malware.

We won't make the same mistake again though.
Reply With Quote
The following 4 users would like to thank for this useful post:
  #18  
Old 12.10.2010, 08:57
MusicChick's Avatar
Forum Legend
 
Join Date: Feb 2008
Location: La Cote
Posts: 17,488
Groaned at 414 Times in 275 Posts
Thanked 20,435 Times in 10,578 Posts
MusicChick has a reputation beyond reputeMusicChick has a reputation beyond reputeMusicChick has a reputation beyond reputeMusicChick has a reputation beyond reputeMusicChick has a reputation beyond reputeMusicChick has a reputation beyond repute
Re: EF reported as hosting malware

You guys are so clever, you got it already all figured out, I couldn't get in using google search, it took me a while to figure out to just type up the address into the address window. Phew, thought I had a bug, scanned all our pcs like a maniac, it wouldn't be a good time to get a bug. Off I go and back up...
Reply With Quote
This user would like to thank MusicChick for this useful post:
  #19  
Old 12.10.2010, 09:02
CheesyKiwi's Avatar
Forum Veteran
 
Join Date: Nov 2009
Location: Basel, Bruderholz
Posts: 509
Groaned at 3 Times in 3 Posts
Thanked 363 Times in 160 Posts
CheesyKiwi has a reputation beyond reputeCheesyKiwi has a reputation beyond reputeCheesyKiwi has a reputation beyond reputeCheesyKiwi has a reputation beyond repute
Re: EF reported as hosting malware

Quote:
View Post
aren't there systems at your end to stop users being put at risk through the EF site?
Considering that large commercial sites fall victim to this from time to time highlights just how hard it is to prevent. There is a long chain of trust in getting ads to websites. It only takes one of those chain links to be compromised and from there the entire chain can be compromised.

There are products out there that can be installed by the site admin, you can think of it as anti-malware/virus for ads. They are scanned before being served up on the site. Much like webmail providers scan attachments before you can download them (gmail for instance).

Of course.. you as the customer can protect yourself with adblock plugins. Simple google search for adblock and your browsers name will get you what you want. *But* this cuts revenue to the site, site doesn't have resources to protect the other users.

CK
Reply With Quote
This user would like to thank CheesyKiwi for this useful post:
  #20  
Old 12.10.2010, 09:08
Slaphead's Avatar
Forum Legend
 
Join Date: May 2007
Location: Zürich
Posts: 3,223
Groaned at 34 Times in 30 Posts
Thanked 9,408 Times in 2,870 Posts
Slaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond reputeSlaphead has a reputation beyond repute
Re: EF reported as hosting malware

Quote:
View Post
Safari is putting up this warning on every single click within the site. Must figure out how to turn that off specifically for this site...
Attachment 19629
I've just had a look at Safari and it appears to be an all or nothing approach - in fact in all the browsers I've looked at so far I've not been able to make an exception for this particular problem.

If you generally never see this warning while browsing, then you're probably ok to disable the warning temporarily. However it will be at your own risk.
Reply With Quote
Reply




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Should 2nd Pillar accounts be reported on form TD F 90-22.1 ? MGC Finance/banking/taxation 9 27.01.2013 20:41
Firefox users targeted by rare piece of malware jrspet TV/internet/telephone 0 04.12.2008 19:13


All times are GMT +2. The time now is 12:17.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0