Malware issue on 5 Keys to Victory post...

The Lounge is for non-sport-related topics other than politics, war and religion. Order up your favorite beverage, kick back and enjoy the conversation! RATING: PG-13
  • Got this message that popped up when I tried to click on the 5 Keys thread down the page a bit...Just wanted folks to know...
    Attachments
    malware.PNG
    malware.PNG (91.39 KiB) Viewed 2334 times
    Image

    Les "The Radish" Norton - Ambassador/Grandfather of .NET, gone too soon but will never be forgotten. RIP
    User avatar
    Aros
    [[ .NET Godfather ]]
     
    Posts: 8192
    Joined: Fri Feb 23, 2007 12:58 am
    Location: Just 6 miles from Richard Sherman!


  • So did I.

    I ain't scurred!
    GET YOUR EAR PLUGS READY!!!
    User avatar
    TheHawkster
    * NET Bad Ass *
     
    Posts: 1980
    Joined: Mon Mar 05, 2007 12:00 am
    Location: Puyallup


  • I've recieved that message when I know for an absolute fact the site Iwas visiting ran no malware whatsoever. It's a crapshoot if you don't know who runs the site though.
    User avatar
    bellingerga
    NET Veteran
     
    Posts: 5313
    Joined: Thu Apr 30, 2009 12:28 pm
    Location: Beaverton, Oregon


  • I went ahead and clicked "advanced" and then proceed at own risk.

    It's another one of Hawkscanners epic posts. Dude puts in way too much work for me to avoid the post based on a mistake by Google.
    User avatar
    bellingerga
    NET Veteran
     
    Posts: 5313
    Joined: Thu Apr 30, 2009 12:28 pm
    Location: Beaverton, Oregon


  • Could be one of the pictures he linked.
    SEAHAWKS.NET. We All We Got, We All We Need
    User avatar
    Scottemojo
    *Scott of Smacksville*
    *Scott of Smacksville*
     
    Posts: 11260
    Joined: Thu Apr 30, 2009 9:14 am


  • bellingerga wrote:I've recieved that message when I know for an absolute fact the site Iwas visiting ran no malware whatsoever. It's a crapshoot if you don't know who runs the site though.

    Sadly, it doesn't entirely matter whether the site is legitimate any more. One of their "new" fun tricks is getting harmful content on perfectly good websites.

    As far as this goes, though, it has a problem with the Russell Wilson picture, which is embedded directly from winforever.com. I'd guess that there was just some malware posted in comments on the blog since google only complains about the 'blog.' section of their website. Probably nothing to worry about since we're just getting the one picture.
    User avatar
    aku
    NET Rookie
     
    Posts: 116
    Joined: Tue Jun 12, 2012 6:50 am


  • Alright guys, as I said in the 5 Keys to Victory Thread, I went ahead and switched out the Russell Wilson picture (hopefully that was truly was the problem). You guys still getting the same Malware message? Hopefully that solved the issue.

    Can someone let me know if they're still getting that message or not?
    User avatar
    Hawkscanner
    * NET Sage *
     
    Posts: 981
    Joined: Mon Jan 17, 2011 7:28 am


  • It was clear on my end. No problem.
    User avatar
    LudwigsDrummer
    US Navy Air VP 56 `74-`78
     
    Posts: 1513
    Joined: Fri May 01, 2009 3:44 pm
    Location: Smokey Point


  • False positive. Blog.winforever a "known" malware distriibutor? Give me a break.
    "God Bless the Seattle Seahawks" Cortez Kennedy
    User avatar
    ivotuk
    * NET Nobody *
     
    Posts: 8716
    Joined: Sat Mar 03, 2007 7:29 pm
    Location: North Pole, Alaska


  • ivotuk wrote:False positive. Blog.winforever a "known" malware distriibutor? Give me a break.


    Be careful. You can't think about malware that way. Legitimate web servers are infected and subsequently controlled to serve malware. That is probably 90 percent of browser based malware now.

    I had to handle an incident at work where an ad server that CNN utilized was linking to some malware.

    What google is doing is a great step, although yes, sometimes it will false positive... In this case there was no risk to .net because we were just requesting a picture but I'd bet something harmful was posted at win forever.
    User avatar
    CaptainSkybeard
    NET Veteran
     
    Posts: 904
    Joined: Fri Sep 16, 2011 4:08 pm


  • I also use Chrome. Is that protection built in by default or do I need to enable something to get it?
    Idle vaporings of a mind diseased
    Image
    User avatar
    VaporHawk
    NET Veteran
     
    Posts: 1537
    Joined: Sat Mar 03, 2007 8:47 am
    Location: Seattle


  • VaporHawk wrote:I also use Chrome. Is that protection built in by default or do I need to enable something to get it?


    With chrome I believe that works out of the box. Internet explorer has something somewhat similar you can set up too.

    I would recommend setting up openDNS and having it block malware domains though. It it a DNS service, you just change your DNS servers to theirs and then log into their web interface where you can block URL categories or just malware domains. Pretty useful.
    User avatar
    CaptainSkybeard
    NET Veteran
     
    Posts: 904
    Joined: Fri Sep 16, 2011 4:08 pm


  • An example that may be relevant here... I opened up Tony Pauline's 'Draft Insider' blog on my phone a week or two ago and suddenly a porn site loaded up... which is strange considering my phone won't even let me open Pro-Football Talk without switching the settings. Seems like if you have a blog and don't keep an eye on the comments section, you could be in trouble.
    User avatar
    theENGLISHseahawk
    NET Veteran
     
    Posts: 8067
    Joined: Thu Apr 30, 2009 8:13 am


  • The majority of alerts like that on legitimate websites are ads from quasi-legitimate online ad revenue sites. Obviously, we don't have ads here; but there are plenty of custom avatar pics hosted on a gazillion different websites, so just someone's profile pic being hosted on some untrusted site can trigger that.

    ...Or, a terrorist cracked .NET, and we're all getting a thousand viruses right now. ;)
    Image
    "VICTORYYYYYYY!" -Johnny Drama
    User avatar
    RolandDeschain
    *NET FCC Liaison*
     
    Posts: 26427
    Joined: Fri May 01, 2009 8:39 am
    Location: Kirkland, WA


  • We run into this at my work. We provide a front end that insurance companies log into. We get a ton of false positives, and sometimes it is a random auto selected content setting or just for no apparent reason at all.

    There is this sort of random half-joke half-rumor that the browser makers are going to start making us pay a fee to be "secure" and "well-known" and "safe" on their browser. On some of the stuff I've seen in alpha and beta testing it wouldn't surprise me a bit if we were headed down this road. I think a whole new round of browser wars are coming. Of course on the flip-side, we are just putting a lot more time toward developing our own apps for our customers to use that are free, and then they don't have to deal with any of that business. They download it from us, we control the back end, so they know that's secure, and we control log-ins, so that's secure, and we control the program in which the "workgroup" (can't give too much away here) that is receiving the data uses and all interactions. The web side of it just makes it easier, but we can bypass it entirely, but I find myself spending an inordinate amount of time going back through really specific processes that a big customer has dealt with for a day or two, only to find out it's just nothing and they're getting a false positive (or a negative, however you want to look at it).

    We have NO outside advertising of any sort and are used by professionals in the industry to process claims, so it wouldn't even be some piece of bad linkage causing the problem. It's an irritant, but we usually figure it out within 15-20 minutes. It's the increased frequency that is the problem, and then I have to be a jerk and tell the president of a major company (well I don't, but the contact at my company who has me run through everything in the product does using my steps of reproduction and my workaround) that "we are very sorry, but this is why we only support IE 7,8, and 9 (barrrrrf), and don't provide support if you are using Chrome, Firefox or anything else (that works ten times better). Have a good day! :)
    Image
    R.I.P. Dad. I miss you. You will never be forgotten
    1/12/39 - 8/7/08
    User avatar
    SharkHawk
    * NET Alumni *
     
    Posts: 3883
    Joined: Sat Mar 03, 2007 8:47 am




It is currently Fri Oct 24, 2014 4:02 am

Please REGISTER to become a member

Return to [ THE NET LOUNGE ]




Information
  • Who is online
  • Users browsing this forum: No registered users and 5 guests