Ming Dynasty Posted April 24, 2010 Report Share Posted April 24, 2010 This probably isn't what you meant by a bug, but for the past half-hour or so McAfee has been saying that I've been hit a few times with Generic Downloader.o (Trojan) During that time Cybernations was the only website being accessed. 5 attempts were made and McAfee claims that it prevented all of them. (Cookies allowed are (**very**) limited to McAfee, Cybernations, AOL and two other trusted sites; everything else is blocked.) Just an FYI. I didn't know who to send this info to. Ming Quote Link to comment Share on other sites More sharing options...
crucible Posted April 25, 2010 Report Share Posted April 25, 2010 (edited) Similar to Ming's report..... I just logged on a few minutes ago and MS Security Essentials stopped access my on my nation home page (right after logging in and paying daily bills). Security Essentials then reported cybernations.net as a site detected to have malware [i]by other users[/i], and then stopped a trojan that's called "Trojan:JS/Redirector.CI"; it rates it as severe; it was successful in getting rid of it. This trojan is further described: "Trojan:JS/Redirector.CI is a detection for obfuscated JavaScript contained within Web pages. This JavaScript may be present on a malicious Web site, and is used to redirect users to Web sites other than those of the user's choice." I am using Win7 64bit, and IE 8.0 and MS Security Essentials. I just tried it agin and I'm not getting any other error...perhaps it was one of the ads? C- Edited April 25, 2010 by crucible Quote Link to comment Share on other sites More sharing options...
Fizzydog Posted April 25, 2010 Report Share Posted April 25, 2010 I believe that a link was shown in the "Simplify infra purchasing" thread to a download for CN, which may be the reason. But other than that, CN cannot be hacked, as it is server based. Quote Link to comment Share on other sites More sharing options...
admin Posted April 25, 2010 Report Share Posted April 25, 2010 Thanks for the report. I've been hearing some information about some problems with Google Ads delivering up malicious files via flash ads. I actually got hit by one while doing some work on Cyber Citizens yesterday, the specific hit that I got was a "HTTP Trojan Mebroot Request" detected by Norton. I thought it might have been a fluke with my antivirus as I couldn't recreate the issue but after reading this report, and after running scans on the servers, it appears that it is indeed an issue with Google Ads. [url="http://www.google.com/support/forum/p/Google+Analytics/thread?tid=15e449daa81a9aab&hl=en"]Here is a discussion on it[/url]. I have suspended flash and image ads across all my websites until Google can get to the bottom of this. Quote Link to comment Share on other sites More sharing options...
Sakura Posted April 26, 2010 Report Share Posted April 26, 2010 (edited) Is that supposed to include the ('oddly' related to this thread) ad at the top of this post that I saw? [URL=http://img97.imageshack.us/i/facepalmad.jpg/][IMG]http://img97.imageshack.us/img97/7188/facepalmad.th.jpg[/IMG][/URL] Edited April 26, 2010 by Sakura Quote Link to comment Share on other sites More sharing options...
thedestro Posted April 26, 2010 Report Share Posted April 26, 2010 Ads target the content of the posts, thats how it works Quote Link to comment Share on other sites More sharing options...
New Carnoly Posted April 28, 2010 Report Share Posted April 28, 2010 I have the same problem. You are able to lift restrictions on Mcaffe Quote Link to comment Share on other sites More sharing options...
admin Posted April 28, 2010 Report Share Posted April 28, 2010 [quote name='Ronald McDonald' date='27 April 2010 - 07:40 PM' timestamp='1272415216' post='2277886'] I have the same problem. You are able to lift restrictions on Mcaffe [/quote] I don't understand your post. Quote Link to comment Share on other sites More sharing options...
Sakura Posted April 28, 2010 Report Share Posted April 28, 2010 [quote name='admin' date='28 April 2010 - 12:39 PM' timestamp='1272483527' post='2278710'] [quote name='Ronald McDonald' date='27 April 2010 - 05:40 PM' timestamp='1272415216' post='2277886'] I have the same problem. You are able to lift restrictions on Mcaffe [/quote] I don't understand your post. [/quote] Assuming I read what he wrote correctly... I think he's basically saying "you can disable the warning light". (Despite the minor detail that doing so would leave the underlying problem present, wouldn't it?) Quote Link to comment Share on other sites More sharing options...
Vivi Posted April 29, 2010 Report Share Posted April 29, 2010 Looks like [url=http://www.google.com/support/forum/p/AdSense/thread?hl=en&tid=420c791905c1c74d]this[/url] is the main page on it. A few other ones were closed with a link to that one. Quote Link to comment Share on other sites More sharing options...
Fighter26 Posted April 29, 2010 Report Share Posted April 29, 2010 (edited) [quote name='Vivi' date='29 April 2010 - 01:29 AM' timestamp='1272518978' post='2279498'] Looks like [url=http://www.google.com/support/forum/p/AdSense/thread?hl=en&tid=420c791905c1c74d]this[/url] is the main page on it. A few other ones were closed with a link to that one. [/quote] Seriously google needs to get their act together, how hard would it be to simply check ads though programs before making them live? Thought this was common sense. edit- just thought of possible issues with antivirus not prepared to handle it that second yet, so have a 2 day wait- then scan them and approve them. Also, download.com cant claim it's 100% virus free. Edited April 29, 2010 by Fighter26 Quote Link to comment Share on other sites More sharing options...
admin Posted April 29, 2010 Report Share Posted April 29, 2010 Google had a simple policy: Do No Harm. They are failing in that regard as far as this issue is concerned. Quote Link to comment Share on other sites More sharing options...
admin Posted May 3, 2010 Report Share Posted May 3, 2010 Ok, supposedly this issue has been corrected by Google by blocking ads generating from the website curves.com/?=345. If you see this issue pop up again please post as much information as possible, take screenshots, and record the exact URL that the infected ad is pointing to. (You can right click and get the image URL/Shortcut without actually clicking on the link.) Quote Link to comment Share on other sites More sharing options...
Duncan King Posted May 11, 2010 Report Share Posted May 11, 2010 Here's another thread about it: http://www.google.com/support/forum/p/AdSense/thread?tid=0249f1034c71d940&hl=en I find it incredibly ironic that a women's gym that advocates for self acceptance has an ad with a virus embedded in it. Quote Link to comment Share on other sites More sharing options...
Delta1212 Posted May 12, 2010 Report Share Posted May 12, 2010 [quote name='admin' date='29 April 2010 - 01:40 PM' timestamp='1272562817' post='2280016'] Google had a simple policy: Do No Harm. They are failing in that regard as far as this issue is concerned. [/quote] Actually, that's the Hippocratic oath. Google's policy was Don't Be Evil. Quote Link to comment Share on other sites More sharing options...
Julian the Apostate Posted May 13, 2010 Report Share Posted May 13, 2010 Got a virus alert today from an ad on CN. Here's the info: [code]When accessing data from the URL, "http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9338475562447655&output=html&h=90&slotname=4142116991&w=728&lmt=1273762364&flash=10.0.45&url=http%3A%2F%2Fwww.cybernations.net%2Fnation_drill_display.asp%3FNation_ID%3D387290&dt=1273762364375&shv=r20100422&correlator=1273762364378&frm=0&ga_vid=625284967.1267506638&ga_sid=1273762364&ga_hid=1587994073&ga_fc=1&u_tz=-240&u_his=10&u_java=1&u_h=1050&u_w=1680&u_ah=1050&u_aw=1680&u_cd=24&u_nplug=6&u_nmime=75&biw=1663&bih=977&eid=33895100&ref=http%3A%2F%2Fwww.cybernations.net%2Ftrade_information.asp%3FNation_ID%3D34805&fu=0&ifi=1&dtd=65&xpc=FWIabVLvlb&p=http%3A//www.cybernations.net" a virus or unwanted program 'HTML/Infected.WebPage.Gen' [virus] was found. Action taken: Blocked file[/code] Quote Link to comment Share on other sites More sharing options...
admin Posted May 13, 2010 Report Share Posted May 13, 2010 [quote name='admin' date='03 May 2010 - 03:56 PM' timestamp='1272920147' post='2285281'] If you see this issue pop up again please post as much information as possible, take screenshots, and record the exact URL that the infected ad is pointing to. (You can right click and get the image URL/Shortcut without actually clicking on the link.) [/quote] ^ This information is required if you get a virus popup from an ad. Quote Link to comment Share on other sites More sharing options...
lonewolfe2015 Posted May 19, 2010 Report Share Posted May 19, 2010 (edited) Strange, happened immediately when I returned to page 1490 of the Sanction Race Thread. ([url=http://forums.cybernations.net/index.php?showtopic=11169&st=29780]Linky[/url]) [img]http://img257.imageshack.us/img257/2239/29944800.png[/img] Sporting an updated Chrome currently. E: Also, this [u]only[/u] happens on that page, the one before and after it never occurs on. Edited May 19, 2010 by lonewolfe2015 Quote Link to comment Share on other sites More sharing options...
lonewolfe2015 Posted May 20, 2010 Report Share Posted May 20, 2010 Got hit by it again at this link: [url=http://forums.cybernations.net/index.php?showtopic=86171&st=40]Link[/url] - 3rd page of recent NPO announcement. Any idea what Chrome is picking up on? Quote Link to comment Share on other sites More sharing options...
Gopherbashi Posted May 20, 2010 Report Share Posted May 20, 2010 (edited) [quote name='lonewolfe2015' date='19 May 2010 - 05:57 PM' timestamp='1274306249' post='2303743'] Strange, happened immediately when I returned to page 1490 of the Sanction Race Thread. Sporting an updated Chrome currently. [/quote] Chrome is evidently unequipped to handle the Sanction Race's level of Amazing. It could be either be an ad or someone's avatar/sig - most likely the former, as I just went there and didn't get any warning of my own. Do you remember what ad was on either of those pages when you clicked? Edited May 20, 2010 by Gopherbashi Quote Link to comment Share on other sites More sharing options...
lonewolfe2015 Posted May 20, 2010 Report Share Posted May 20, 2010 Unfortunately, no. Because the moment I clicked to the page Chrome went all doomsday on me and put that screenshot up. Quote Link to comment Share on other sites More sharing options...
Stealth Posted May 25, 2010 Report Share Posted May 25, 2010 Got hit by some kind of trojan when i opened up last page of [url="http://forums.cybernations.net/index.php?showtopic=86173&st=140"]link[/url] java opened up and installed some sort of rogue antivirus software. Quote Link to comment Share on other sites More sharing options...
maxfiles Posted May 25, 2010 Report Share Posted May 25, 2010 well adblock and noscript go back on firefox.. Quote Link to comment Share on other sites More sharing options...
Laomedon Posted May 31, 2010 Report Share Posted May 31, 2010 [quote name='Stealth' date='24 May 2010 - 06:39 PM' timestamp='1274751580' post='2310744'] Got hit by some kind of trojan when i opened up last page of [url="http://forums.cybernations.net/index.php?showtopic=86173&st=140"]link[/url] java opened up and installed some sort of rogue antivirus software. [/quote] I pulled the fake antivirus software off of the CN page the other day as well. (It was an add about books of some sort?) My browser told me that it couldn't play media without me allowing it, which I didn't (who wants to hear an ad?) but then the java thing pops up, and yay! Antivirus System Pro (or whatever version this was) is on my computer, sending scary pop ups all over. Luckily, malwarebytes is awesome. (I cleaned up most of the mess manually, but used malwarebytes to dig up the rootkit. Damn viruses.) So if google ads has a "make ads suck less" option, now would be the time to use it. Quote Link to comment Share on other sites More sharing options...
Diablofan Posted June 6, 2010 Report Share Posted June 6, 2010 [quote name='lonewolfe2015' date='20 May 2010 - 07:00 PM' timestamp='1274396441' post='2305906'] Unfortunately, no. Because the moment I clicked to the page Chrome went all doomsday on me and put that screenshot up. [/quote] I actually spotted why you we're getting that popup. The error said that the malware was linked to gifup.com. Well, after looking at the two pages you linked, there were gifs hosted at gifup.com. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.