# Malware on the site?



## CockroachMan (Sep 18, 2008)

Entering GBAtemp.net using Google Chrome I got a warning message:



			
				QUOTE said:
			
		

> Warning: Visiting this site may harm your computer!
> The website at gbatemp.net contains elements from the site megaxfinder.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.
> For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for megaxfinder.com.
> Learn more about how to protect yourself from harmful software online.



Could be something someone posted in the shoutbox, I dunno, couldn't find anything.. Also, I never had that until now (check the post's timestamp).. now it's appearing every time I visit the front page..


----------



## Satangel (Sep 18, 2008)

I don't get it with Chrome...


----------



## Minox (Sep 18, 2008)

This one?
CODE


----------



## Prime (Sep 18, 2008)

Satangel said:
			
		

> I don't get it with Chrome...



I do...

It appears ever page I visit.

I'm going to stop coming to GBAtemp.net if someone doesn't fix this. I don't want malware shit on my computer. There was a problem like awhile ago, NOD32 detected it


----------



## DeMoN (Sep 18, 2008)

I think it's the same as this problem: http://gbatemp.net/index.php?showtopic=104815
Should have been fixed by now.


----------



## Trolly (Sep 18, 2008)

Nope, I'm getting the problem again just now on Google Chrome. Can anyone fix this pleeease?


----------



## Golds (Sep 18, 2008)

i am getting it also.

Trojan.Adclicker

http://securityresponse.symantec.com/secur...-091214-5754-99


----------



## Prime (Sep 18, 2008)

NOD32 is starting to detect something like the last malware problem and still getting the error which is in the OP


----------



## Satangel (Sep 18, 2008)

What can I install to FireFox so it detects it too?
Because it's clearly here...


----------



## drake7707 (Sep 18, 2008)

I just got the same thing in IE7, AVG blocked the files in temp internet files folder


----------



## Prime (Sep 18, 2008)

Satangel said:
			
		

> What can I install to FireFox so it detects it too?
> Because it's clearly here...



Your anti malware program which monitors your internets should detect it

That's if you have one....


----------



## Satangel (Sep 18, 2008)

AVG Free is running here, nothing found.
And FireFox doesn't say shit too...


----------



## creepingcreep (Sep 18, 2008)

Golds said:
			
		

> i am getting it also.
> 
> Trojan.Adclicker
> 
> http://securityresponse.symantec.com/secur...-091214-5754-99



Yep I get the same


----------



## jumpman17 (Sep 18, 2008)

Could you guys try again? Tell me if it's still showing anything?


----------



## Minox (Sep 18, 2008)

jumpman17 said:
			
		

> Could you guys try again? Tell me if it's still showing anything?


It's still there...


----------



## King Zargo (Sep 18, 2008)

I get this.


----------



## jumpman17 (Sep 18, 2008)

Minox_IX said:
			
		

> jumpman17 said:
> 
> 
> 
> ...


So it's not the shoutbox then.


----------



## Ferrariman (Sep 18, 2008)

I never got anything like this.


----------



## Try2bcool (Sep 18, 2008)

Early this morning when I went to the GBAtemp homepage, (IE7) something tried to start up my MS Office setup, I had to cancel it 3 times before it stopped doing it.  I could see in the status bar that it was trying to pull data from some other site.  Just now when I came on here, Google Pop-up Blocker caught it.
I'll check back in a few days, this site has definitely been hijacked.


----------



## Prime (Sep 18, 2008)




----------



## CockroachMan (Sep 18, 2008)

Entering GBAtemp.net using Google Chrome I got a warning message:



			
				QUOTE said:
			
		

> Warning: Visiting this site may harm your computer!
> The website at gbatemp.net contains elements from the site megaxfinder.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.
> For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for megaxfinder.com.
> Learn more about how to protect yourself from harmful software online.



Could be something someone posted in the shoutbox, I dunno, couldn't find anything.. Also, I never had that until now (check the post's timestamp).. now it's appearing every time I visit the front page..


----------



## jumpman17 (Sep 18, 2008)

Well, it's not something posted on the shoutbox, it's not the same kind of attack like last time, and I don't see anything fishy in the code.

I'm going to go ahead and close the forum until Costello can take a look at it.


----------



## Satangel (Sep 18, 2008)

Close the entire forum?


----------



## Ferrariman (Sep 18, 2008)

SHIT BITCH


----------



## Prime (Sep 18, 2008)

Satangel said:
			
		

> Close the entire forum?



It needs to be done. I'm sure you can survive the forum being closed for awhile.

Good idea jumpman


----------



## jumpman17 (Sep 18, 2008)

Satangel said:
			
		

> Close the entire forum?



Well, something isn't right and I don't know if it's infecting people's computers or not. I've done everything I can and it didn't fix the problem.


----------



## Satangel (Sep 18, 2008)

Prime said:
			
		

> Satangel said:
> 
> 
> 
> ...



LOL yeah, but I'll miss it


----------



## Doomsday Forte (Sep 18, 2008)

We're back!  How's it looking now?


----------



## DarkRey (Sep 18, 2008)

man 
i was going to post this..


----------



## Rowan (Sep 18, 2008)

any news the site was shut


----------



## shaunj66 (Sep 18, 2008)

We're looking into it.


----------



## CockroachMan (Sep 18, 2008)

Thanks for the quick action!!


----------



## Prime (Sep 18, 2008)

I'm getting no warnings.

Thanks for fixing it.


----------



## arctic_flame (Sep 18, 2008)

Next time, try not to wet yourselves...


----------



## Prime (Sep 18, 2008)

arctic_flame said:
			
		

> Next time, try not to wet yourselves...



No one did...


----------



## CockroachMan (Sep 18, 2008)

arctic_flame said:
			
		

> Next time, try not to wet yourselves...



GBATemp has been attacked before.. you never know.. better be cautious.. 

And it seems to be clean now..


----------



## megawalk (Sep 18, 2008)

glad that i didn't come by when it was attacked.
thanks anyways


----------



## Renegade_R (Sep 18, 2008)

LULZ were had...bricks were SHAT.


----------



## Salamantis (Sep 18, 2008)

shaunj66 said:
			
		

> We're looking into it.


2nd time this happens this week... any explanations?


----------



## Costello (Sep 18, 2008)

explanations? a new IPB vulnerability was discovered.
http://forums.invisionpower.com/index.php?showtopic=276512

The first time, I spoke to Narin and I thought he was going to fix it but apparently I misunderstood him because he didn't.
It happened again today so I took a look and fixed the vulnerability, following the instructions given on the above link.
I did it this morning BUT apparently it didnt completely fix it :/ because it happened a 3rd time later today.
Anyhow I'm trying to figure out a way to completely prevent this, and I think I have a solution.


----------



## Gman 101 (Sep 19, 2008)

So... is the problem still around? Kaspersky isn't telling me anything and Firefox isn't either. Luckily all of this happened while I was sleeping.


----------



## CockroachMan (Sep 18, 2008)

Entering GBAtemp.net using Google Chrome I got a warning message:



			
				QUOTE said:
			
		

> Warning: Visiting this site may harm your computer!
> The website at gbatemp.net contains elements from the site megaxfinder.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.
> For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for megaxfinder.com.
> Learn more about how to protect yourself from harmful software online.



Could be something someone posted in the shoutbox, I dunno, couldn't find anything.. Also, I never had that until now (check the post's timestamp).. now it's appearing every time I visit the front page..


----------



## Prime (Sep 19, 2008)

Narin should have known about this and sorted it out, after all it is what he was promoted to do.

EDIT: it is fixed Gman 101


----------



## JPH (Sep 19, 2008)

Gman 101 said:
			
		

> So... is the problem still around? Kaspersky isn't telling me anything and Firefox isn't either. Luckily all of this happened while I was sleeping.


Yeah, I'm having no problems or warnings whatsoever.


----------

