Ads are wrecking my head (1 Viewer)

[I Bleed Black]

Re: Weird homepage thing

There was a trojan attack from Thumped last time I accessed the bulletin board today. My virus software went nuts and then blocked the site. Im pretty sure it was one of those ads

Same happened with me

 

[nofriendo]

Re: Weird homepage thing

ok can you try clearing your firefox cache & see if it still happens?

still happening with cleared cache

 

[coast to coast]

Still doin that home page reset thing to my Firefox, after I cleared the cache and history. Works on Safari tho.

 

[pete]

Every time?

 

[coast to coast]

yeah every time. weird!

 

[pete]

ok - you mind testing something for me?

 

[nofriendo]

ok - you mind testing something for me?

right now its happening on Firefox on the mac. sure just let us know what you want done

 

[coast to coast]

ok - you mind testing something for me?

no problemo

 

[pete]

PMs, they have been sent

 

[coast to coast]

its not doing it for me anymore.

 

[ratmonkey]

Don't know if this is related, but pressing any key before focussing on a text field seems is causing NoScript to pop up a clickjacking warning with www.google.ie as the url. Something to do with a green / red bar a few pixels wide and 150ish vertical.

 

[pete]

Don't know if this is related, but pressing any key before focussing on a text field seems is causing NoScript to pop up a clickjacking warning with www.google.ie as the url. Something to do with a green / red bar a few pixels wide and 150ish vertical.

i can't reproduce that. are you on a mac or PC? how's your AV software looking?

 

[pete]

Well, I finally figured out what was going on. The ad server (OpenX) was hacked and its database had some nasty stuff inserted that automatically appended a hidden iframe to some of the ads being displayed on the site. I've cleaned out the crap so all that java alerts / page scrolling around shit should stop now. I've also updated to the latest available version of OpenX which is not vulnerable to this attack.

But that's only half the problem. Some of you without the latest software / OS patches or virus definitions may have gotten infected with something nasty. All I can suggest is that you run a manual full scan with your antivirus software of choice immediately(and if you don't have any or don't trust your current AV protection you could do a lot worse than the free Microsoft Security Essentials), followed by a scan with Malwarebytes or similar.

There'll be no excuses made. A critical piece of software was running a vulnerable version and I should have stayed on top of updating it. I didn't and it was exploited. All I can do at this point is apologise.

edit: those links of course refer to Windows applications. Mac & Linux users should be ok (in theory), but I'd still run whatever scans are possible.

 

[Denny Oubidoux]

Gosh. I didnt think you could catch nasty things these days just by surfing.

 

[pete]

You certainly can. The page being loaded by the iframe in question ran a series of tests against the machine that opened it to see if vulnerable versions of applications like adobe reader, internet explorer, java, firefox, safari etc were installed, then tried to exploit whatever it found. Nasty, nasty shit.

 

[shower another shower]

any recommendations for free OSX AV software.
Think I have funny things going on here.

 

[ratmonkey]

i can't reproduce that. are you on a mac or PC? how's your AV software looking?

Firefox on PC, running Avast because it's piratey. No sign of any nastiness at the moment. Clickjacking warning from here has stopped.

 

[Pedronimus]

My Avast caught this a few times yesterday morning and today. Also using Firefox. I thought it came from another site I was watching the Tour De France on.

 

[Scientician 0.8]

We still love you Pete.

 

[nooleen]

if you've had no display problems does that mean de virus didn't get you? my spidey sense tells me that's a silly question

PS will AVG free do the job?