Adware Issue With Chrome and Firefox.......

**BEGIN PUBLIC SERVICE ANNOUNCEMENT**

Please don't rely on Anti-Virus software to keep you safe from these types of problems. AV software is not effective at preventing things like this. You've probably heard about the NYT getting hacked a couple weeks ago by the Chinese. The NYT had up-to-date anti-virus on every endpoint that was compromised. The AV software missed 44 of the 45 malicious payloads used by the attackers. Greg Davis is more effective at 3rd down conversions than AV is at picking up new viruses. It's great at finding last year's viruses, but they're always behind the times and should never be your first line of defense.

Disable the extensions you don't need in your browser, or at least force Chrome to prompt you before launching them: Java, Flash, Shockwave, etc. These are common infection vectors, and you probably don't need them for daily browsing. And when you do need them, you can enable them on an as-needed basis in Chrome.

If anybody wants help setting up their browser to prompt them, I can post instructions here or you can PM me.

Stay safe out there.

**END PUBLIC SERVICE ANNOUNCEMENT**

EDIT: I'm not saying you shouldn't run AV, I'm just saying don't rely on it as your only line of defense.
 
I have submitted a request to Google for them to crawl the site again now that we have removed what I believe was the offending ad network.
 
Oddly, Chrome on my Android tablet never picked up the threat. Only on desktop was hn blocked.
 
> Oddly, Chrome on my Android tablet never picked up the threat. Only on desktop was hn blocked.

I would wager this is what happened:

Late last night, one specific ad network was injected....and then it began to deliver ads that were possibly tainted depending on exploit opportunities on individual computers. It also could have been overly aggressive cookie searching which makes a computer think it's under an attack, which is called a false positive....and it gets tagged as malware.
 
> I would wager this is what happened:
>
> Late last night, one specific ad network was injected....and then it began to deliver ads that were possibly tainted depending on exploit opportunities on individual computers. It also could have been overly aggressive cookie searching which makes a computer think it's under an attack, which is called a false positive....and it gets tagged as malware.

Think clearing the browser cache in individual computers would make any difference?
 
I don't know anything about this sort of stuff, but that ^ sounds reasonable.
 
**Safe Browsing**

**Diagnostic page for hawkeyenation.com/forum**

What is the current listing status for hawkeyenation.com/forum?
Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 5 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 195 pages we tested on the site over the past 90 days, 14 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-02-03, and the last time suspicious content was found on this site was on 2013-02-03.
Malicious software is hosted on 1 domain(s), including ads.zitaholdings.com/.
2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including yieldmanager.com/, metanetwork.com/.
This site was hosted on 1 network(s) including AS32748 (STEADFAST).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, hawkeyenation.com/forum did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

 
> Think clearing the browser cache in individual computers would make any difference?

Right now, the alert is going to keep showing until Google scans the site again and doesn't turn up any problems. Being that there are hundreds of millions of sites in the world and it's a Monday, I am guessing we're somewhere on the list of thousands looking to do the same thing this AM
 
> Right now, the alert is going to keep showing until Google scans the site again and doesn't turn up any problems. Being that there are hundreds of millions of sites in the world and it's a Monday, I am guessing we're somewhere on the list of thousands looking to do the same thing this AM

OK. Well, good luck with it. This could certainly cut down on traffic and page views if it goes on long...
 
Here is what I got from one of my vendors:

Hello,

There was an incident of malicious ads detected within the (Vendor) Market during the EST evening last night.
The malicious creatives were caught by monitoring & removed from the system.

This issue would cause a Google alert concerning the malicious domain: ads.zitaholdings.com

For Google / Chrome safe browsing warnings, it will be best to have the publisher login to their Google Webmaster account and request a re-scan of the website in order to have the warnings removed.

As far as the latter is concerned, I have initiated that.
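
For a site operator trying to work out which ad tag led to the flagged domain, the check below scans request logs for the three domains named in the diagnostic report and walks each hit's referrer chain back to the page that started it. This is an added example, not part of the original posts; the log format, the sample lines and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Domains and roles as listed in the Safe Browsing diagnostic quoted in this thread.
REPORTED = {
    "ads.zitaholdings.com": "malware host",
    "yieldmanager.com": "intermediary",
    "metanetwork.com": "intermediary",
}

# Constructed sample log (not real traffic): time <TAB> requested URL <TAB> referrer
SAMPLE_LOG = """\
2013-02-03T23:41:07Z\thttp://hawkeyenation.com/forum/index.php\t-
2013-02-03T23:41:08Z\thttp://ad.yieldmanager.com/st?ad_type=iframe\thttp://hawkeyenation.com/forum/index.php
2013-02-03T23:41:09Z\thttp://ads.zitaholdings.com/show.js\thttp://ad.yieldmanager.com/st?ad_type=iframe
2013-02-03T23:41:09Z\thttp://cdn.example.net/notyieldmanager.com/logo.png\thttp://hawkeyenation.com/forum/index.php
2013-02-03T23:41:10Z\thttp://notmetanetwork.com/pixel.gif\thttp://hawkeyenation.com/forum/index.php
"""

def classify(host):
    """Return (reported domain, role) if host is that domain or a subdomain of it."""
    host = host.lower().rstrip(".")
    for domain, role in REPORTED.items():
        # Match on a label boundary so "notmetanetwork.com" is not a hit.
        if host == domain or host.endswith("." + domain):
            return domain, role
    return None

def trace(url, referrers):
    """Walk the referrer chain from url back to the first request in the log."""
    chain, seen = [], set()
    while url and url not in seen:  # 'seen' guards against referrer loops
        seen.add(url)
        chain.append(urlsplit(url).hostname or "?")
        url = referrers.get(url)
    return list(reversed(chain))

def scan(log_text):
    """Return (time, host, role, chain) for every request to a reported domain."""
    rows = [line.split("\t") for line in log_text.splitlines()]
    rows = [r for r in rows if len(r) == 3]  # skip malformed lines
    referrers = {url: (ref if ref != "-" else None) for _, url, ref in rows}
    hits = []
    for ts, url, _ in rows:
        host = urlsplit(url).hostname or ""
        match = classify(host)
        if match:
            hits.append((ts, host, match[1], trace(url, referrers)))
    return hits

if __name__ == "__main__":
    for ts, host, role, chain in scan(SAMPLE_LOG):
        print(ts, role, " -> ".join(chain))
```

The chain for the `ads.zitaholdings.com` hit shows which ad network sat between the forum page and the flagged host, which is the tag to pull before requesting the re-scan.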
 
> I would wager this is what happened:
>
> Late last night, one specific ad network was injected....and then it began to deliver ads that were possibly tainted depending on exploit opportunities on individual computers. It also could have been overly aggressive cookie searching which makes a computer think it's under an attack, which is called a false positive....and it gets tagged as malware.

Nothing worse than a false positive......
 
