View unanswered posts | View active topics It is currently Fri Dec 15, 2017 9:31 pm



Reply to topic  [ 21 posts ]  Go to page 1, 2  Next
 Malware Deteched!!!!! 
Author Message
Motorman

Joined: Sun Jun 18, 2006 2:20 am
Posts: 250
Post Malware Deteched!!!!!
Hey Ken!!!!
There is a malware detected status on this site with google chrome.


Sun Jan 23, 2011 3:07 am
Profile
Site Admin
User avatar

Joined: Sat Nov 16, 2002 6:44 pm
Posts: 11819
Post Re: Malware Deteched!!!!!
I got the same thing.

No clue.

_________________
Ken Hower Wrote: My advice to everyone.....DO NOT purchase any of these photographs....Tim Findlay can jack off to his hearts content over his killer pictures...alone.

Regards,
Ken


Sun Jan 23, 2011 9:23 am
Profile WWW
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
The problem seems to be a link to ywnymomk dot net dot in somewhere on the board. Looking for it now.

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 10:50 am
Profile WWW
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
Actually... It looks like it's actually racerxband.com that's been blacklisted rather than the board. Trying to find the offending link.

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 10:58 am
Profile WWW
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
It is something to do with the main site. The reason it was being flagged up here on the forum is because my avatar is hosted on the main site.
I've removed it for now.

Grabbing a backup of the whole site so I can analyse it better; it's taking a while though.

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 11:55 am
Profile WWW
Unt! I'm a Moderator.

Joined: Sun Jan 30, 2005 8:07 am
Posts: 7453
Post Re: Malware Deteched!!!!!
Thanks for all the hard work, Tom 8)


Sun Jan 23, 2011 12:28 pm
Profile
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
I've had a look through all the site code and I haven't found anything obvious. It's perfectly possible it was flagged accidentally, but I wouldn't want to assume that.

If anyone has actually experienced any problems with the main site I would like to hear about it.

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 1:17 pm
Profile WWW
Viking Kong
User avatar

Joined: Tue Jul 27, 2004 10:00 pm
Posts: 8264
Location: Denver, CO.
Post Re: Malware Deteched!!!!!
We appreciate the hard work, Tom.

_________________
Social justice is for pussies!


Sun Jan 23, 2011 3:35 pm
Profile
God Of The Sun

Joined: Sun Dec 11, 2005 1:43 am
Posts: 2041
Location: Almada, Portugal
Post Re: Malware Deteched!!!!!
No problems here.

Anyway, thanks for all your work, Tom :).


Sun Jan 23, 2011 6:13 pm
Profile
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
The word back from Google is that the root of racerxband.com "returned no content", but redirected the crawler to a malicious site.

I can't find a damn thing. When I fetch the page as googlebot I still don't get a problem, so it's not a user-agent checking thing.
I've asked Ken to check with the hosting company to see if something's been compromised at a lower level; that's part of the reason I moved the board to a server I manage myself - I can check this stuff myself instead of relying on a hosting company to do it for me.

If anyone has any weird behaviour from visiting http://racerxband.com/ - please screenshot and log whatever you can and let me know.

Thanks, guys.

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 6:22 pm
Profile WWW
Viking Kong
User avatar

Joined: Sun Dec 14, 2008 5:55 pm
Posts: 6676
Location: Southern Ontario
Post Re: Malware Deteched!!!!!
Just visited, and it gave me the same malware detected message. I clicked why is this site blocked, and the biggest part of the message that caught my eye was this:

Quote:
What happened when Google visited this site?

Of the 2 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-01-23, and the last time suspicious content was found on this site was on 2011-01-23.

Malicious software is hosted on 2 domain(s), including ywnymomk.net.in/, lqmtvjxu.net.in/.

This site was hosted on 1 network(s) including AS13618 (CARONET).

My screen caps of the event:
http://img255.imageshack.us/img255/9017/screen1wy.png
http://img412.imageshack.us/img412/3629/screen2hr.png


Sun Jan 23, 2011 6:44 pm
Profile
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
Zesty wrote:
Just visited, and it gave me the same malware detected message. I clicked why is this site blocked, and the biggest part of the message that caught my eye was this:


Cheers, mate. I should have been more clear though. I have no problem reproducing the warning message, it's reproducing the thing the warning message is talking about I'm having a problem with, if that makes sense.

Essentially, Google are saying that when they visit the site they get re-directed to some other malicious site, but I haven't been able to make that happen. When I use Google's "fetch as googlebot" tool to check it, it all works fine.

Other than it being a mistake, I'm running out of ideas :-/

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 7:04 pm
Profile WWW
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
Well, the good news is: the site hasn't been hacked.

The bad news is: the server it runs on has been hacked.

Looks like this rather nasty piece of work.

The other good news is: the board isn't effected because it runs on a different server.

_________________
Eat a third of a Mars Bar a day.


Sun Jan 23, 2011 7:25 pm
Profile WWW
Queen Dork of the board
User avatar

Joined: Mon Sep 22, 2008 7:14 pm
Posts: 3545
Location: Ethereal Being, USA
Post Re: Malware Deteched!!!!!
I warned everyone about this in 2009? when I got the errors, and it is almost exactly as I suspected.
My biggest suspicion was a code injection hack to the forum database on a shared server.
(This is why sometimes you get the error, and other times, you don't.)
Thank you for the sleuthing & confirmation, Big Tom!
The solution is partly done: update the forum software, and move the site off the hosting company.
I dunno what the rest is!

~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~ ~~


Sun Jan 23, 2011 10:23 pm
Profile
Site Admin
User avatar

Joined: Sat Nov 16, 2002 6:44 pm
Posts: 11819
Post Re: Malware Deteched!!!!!
The host has recompiled the server. No clue how long it will take google to be aware.

_________________
Ken Hower Wrote: My advice to everyone.....DO NOT purchase any of these photographs....Tim Findlay can jack off to his hearts content over his killer pictures...alone.

Regards,
Ken


Tue Jan 25, 2011 6:20 pm
Profile WWW
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
KenHower wrote:
The host has recompiled the server. No clue how long it will take google to be aware.


I've requested a review. Took about 7 hours before they reviewed it last time.

_________________
Eat a third of a Mars Bar a day.


Tue Jan 25, 2011 6:56 pm
Profile WWW
BOFH

Joined: Thu Aug 21, 2003 7:19 pm
Posts: 2220
Location: UK
Post Re: Malware Deteched!!!!!
annnnnddd... It is done.

The hosting providers fixed the problem with the server, the review from Google went through and the "malware" flag has been removed.

Thank goodness for that :-)

_________________
Eat a third of a Mars Bar a day.


Wed Jan 26, 2011 1:13 pm
Profile WWW
Search Button God!
User avatar

Joined: Fri Apr 15, 2005 10:05 pm
Posts: 5107
Location: Mailbag Of Doom
Post Re: Malware Deteched!!!!!
Great. Don't forget to fix your avatar ;)

_________________
Image


Wed Jan 26, 2011 1:31 pm
Profile
Unt! I'm a Moderator.

Joined: Sun Jan 30, 2005 8:07 am
Posts: 7453
Post Re: Malware Deteched!!!!!
Put some tits or something 8)


Wed Jan 26, 2011 1:57 pm
Profile
Viking Kong
User avatar

Joined: Sun Nov 19, 2006 2:10 am
Posts: 5299
Location: France
Post Re: Malware Deteched!!!!!
Or ass. Thanks for all the fixing!

_________________
[img]http://i4.photobucket.com/albums/y108/beefsteaknimommy/ARXBA%2008/acidwire-bq-1.jpg[/img]

I spur stoic ass juice fossile !


Wed Jan 26, 2011 3:40 pm
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 21 posts ]  Go to page 1, 2  Next

Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by ST Software for PTF.