Infection

Discussion in 'Site Discussions & Suggestions' started by rehevkor, Sep 25, 2011.

  1. rehevkor
    OP

    rehevkor GBAtemp Fan

    Member
    454
    127
    Feb 21, 2011
    I've just had a rather unpleasant experience while browsing the forum - including some kind of attempted infection. I was reading while not logged in, after having come here via a search engine, I clicked on the Kirby Mass Attack AP thread and instead of going to the thread I started getting redirected all over the place - the next few entries in the history where (click at your own risk):


    Ending up at I believe the Costse.net site, which appeared to be some kind of DS flashcard site. Going back in my browser to GBAtemp and clicking on the thread again then took me to shoptemp.net, or in one case to www.shoptemp.fr - this happened no matter where I tried to go on the forums, more google-analytics urls were in my history during that too. Only way to fix it was to close and re open the browser - coming back here I had no problems.

    But most worrying was a threat alert from AVG, warning me of:

    File name: h.golfes.in/main.php?page=76f6b79d5210675d

    Threat name: Exploit Blackhole Explot Kit (type 2057)

    False positive? I don't know.
     
  2. BoxmanWTF

    BoxmanWTF ♪Toot Toot Sonic Warrior♫

    Member
    1,145
    230
    Nov 22, 2008
    Canada
    Behind you
    hoo boy...
     
  3. Rydian

    Rydian Resident Furvert™

    Member
    27,883
    8,128
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    Looks like a rogue ad.
     
  4. ShinyJellicent12

    ShinyJellicent12 I summon giant clover-shaped meteors in the sky

    Member
    709
    24
    Mar 21, 2011
    United States
    The Moon
    Uh.... oh...
     
  5. Bladexdsl

    Bladexdsl ZOMG my posts...it's over 9000!!!

    Member
    16,417
    4,024
    Nov 17, 2008
    Australia
    Queensland
    hehehe should have had Noscript installed
     
  6. Rydian

    Rydian Resident Furvert™

    Member
    27,883
    8,128
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    "Got shot at school? Heehee should have worn a bullet-proof vest."

    The point being that if things are running smoothly you shouldn't need to resort to such measures on a safe site like this. If an advertising company allowed to insert ads into these pages is forwarding along redirects and infections, it's a problem for the site, which is why this thread is here.
     
  7. Bladexdsl

    Bladexdsl ZOMG my posts...it's over 9000!!!

    Member
    16,417
    4,024
    Nov 17, 2008
    Australia
    Queensland
    doesnt matter how safe you think a site is if you go into a site without protection than your asking for trouble. i dont go anywhere without adblockplus, noscript and betterprivacy turned ON [​IMG]
     
  8. pspunabletohack

    pspunabletohack GBAtemp Fan

    Member
    346
    1
    Sep 11, 2010
    Belgium
    Yes i clicked the links and i'm infected
    EDIT: oh wait it was just a crack on my destkop lol
     
  9. Bladexdsl

    Bladexdsl ZOMG my posts...it's over 9000!!!

    Member
    16,417
    4,024
    Nov 17, 2008
    Australia
    Queensland
    you dont need to click anything if some idiot has a script in their sig and you go to the same thread as them it can activate itself without you even knowing!