What the heck? Attack Site?

[Anand Lal Shimpi]

Hey guys, we've seen it too and we're trying to track down which ad is causing it. If you do get the above error and are willing/able to could you email me the source to the page? It looks like the malware may be served by a 3rd party's ad server that we have no control over, so as soon as we know exactly which ad it is, we can kill it. I'm working on getting some suspect ads pulled right now.

You can email the page source to me directly at anand@anandtech.com.

Take care,
Anand

 

[Turin39789]

now you tell me.

 

[lxskllr]

Hey guys, we've seen it too and we're trying to track down which ad is causing it. If you do get the above error and are willing/able to could you email me the source to the page? It looks like the malware may be served by a 3rd party's ad server that we have no control over, so as soon as we know exactly which ad it is, we can kill it. I'm working on getting some suspect ads pulled right now.

You can email the page source to me directly at anand@anandtech.com.

Take care,
Anand

Sent

 

[Q]

Just happened to me right now.

 

[Fritzo]

I got that warning last night in Chrome. Someone reported Anandtech as a malicious site.

 

[HeXen]

It looks like the malware may be served by a 3rd party's ad server that we have no control over,

as i suspected. many sites have this problem regularly, i feel sorry for those who think their so smart about comptuers they dont need AV's and layered protection and continue to use Windows not realizing hackers are always finding new ways to do things.

 

[briananthonyr]

i'm getting it on the fermi review
using FF+adblock

 

[Meghan54]

Don't be a jackass.

A variety of people reporting the same problem...hmm!

Paige, you know Mike Gayner can't help it...it's in his nature to be a jackass. Congenital defect. To expect anything else from him is like expecting Tiger Woods to turn down a piece of "strange", just isn't gonna happen.

 

[Zillatech]

Mark me down as another "Reported Attack Page!"

When I click the GTX480 Review logo, it blocks the page and gives me the BIG RED WARNING!

 

[Molondo]

Eh, I use Chrome and have never had an issue like this. PEBKAC, like 99.99999% of all virus problems.

lol sheep humper

 

[BoomerD]

This makes me wonder if the "Congratulations! You Won!" that many of us experienced last week is related.

 

[rcpratt]

This is unfortunate, and one of the reasons I will never turn AdBlock off, even on sites that I know and trust.

 

[JEDIYoda]

Hey guys, we've seen it too and we're trying to track down which ad is causing it. If you do get the above error and are willing/able to could you email me the source to the page? It looks like the malware may be served by a 3rd party's ad server that we have no control over, so as soon as we know exactly which ad it is, we can kill it. I'm working on getting some suspect ads pulled right now.

You can email the page source to me directly at anand@anandtech.com.

Take care,
Anand

Damn I missed all the fun!!!

But hey our fearless leader posted, rallying the troops with a all out call for finding and exterminating the enemy!!!!

You Go Anand!!!!!!!!!!

 

[JEDIYoda]

as i suspected. many sites have this problem regularly, i feel sorry for those who think their so smart about comptuers they dont need AV's and layered protection and continue to use Windows not realizing hackers are always finding new ways to do things.

To be honest as much as I am on this site, I was never invited to the party iether!!
But hey 10+ years working for Nortons....

 

[sgtwiltan]

Eh, I use Chrome and have never had an issue like this. PEBKAC, like 99.99999% of all virus problems.

PEBKAC?? You're probably infected if your browser didn't detect it. Running FF 3.6.2 on Linux from 2 different distros with ADblock warn of it. Same with Win7 on FF

 

[Tempered81]

http://www.xtremesystems.org/forums/showthread.php?t=248322

News headline "Anandtech gets hacked" ....

 

[dredd2929]

I get "Reported Attack Page" when trying to click on the link to the new GeForce GTX 480 article.

I try to get the page source (View > Page Source) and it just displays the same error message instead of the source code.

I'm using FF 3.6.2

I would post a screen shot if someone will explain to me how.

 

[AnonymouseUser]

Man, everyone else is having all the fun! I even started an XP VM, installed Flash and Firefox, no AV is running, no adblocks, no flashblock, and have been reloading the Anandtech Fermi review over and over again. I just can't get infected! :\

I get "Reported Attack Page" when trying to click on the link to the new GeForce GTX 480 article.

I try to get the page source (View > Page Source) and it just displays the same error message instead of the source code.

I'm using FF 3.6.2

I would post a screen shot if someone will explain to me how.

Right click > Save Page As...

 

[compguys]

repost. refer to Tempered81's link

 

[AnonymouseUser]

I finally got it, was prompted to install the Adobe Reader plugin. As soon as I did, got the 3D parser error, and was toast. Will send the info to Anand asap.

 

[davecason]

Safe Browsing
Diagnostic page for anandtech.com/mobile

What is the current listing status for anandtech.com/mobile?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 18 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-03-27, and the last time suspicious content was found on this site was on 2010-03-27.
Malicious software includes 7 trojan(s). Successful infection resulted in an average of 2 new process(es) on the target machine.

Malicious software is hosted on 4 domain(s), including googleanalyticsz.com/, mjgjo.com/, green-fast.net/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including whoiz.shit.la/.

This site was hosted on 1 network(s) including AS36643 (EICOMM).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, anandtech.com/mobile did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:
Return to the previous page.

 

[Brainonska511]

Haven't seen any problems on my end, but that might be because of NoScript+AdBlock+Firefox.

Edit:
Also checked my computer with HiJackThis! and using the analyzer tool available online, didn't see any problems. Though, I haven't seen any indication that something tried to install itself either.

 

[AnonymouseUser]

I highly recommend anyone still using Adobe Reader to uninstall it and install Foxit Reader.

 

[A554SS1N]

i'm getting it on the fermi review
using FF+adblock

Same here with FF, I have NoScript running.

 

[Brainonska511]

I highly recommend anyone still using Adobe Reader to uninstall it and install Foxit Reader.

I would use Foxit, but Foxit won't open secured PDF files and sometimes it gives me trouble printing to a networked printer. I did disable the Adobe Firefox plugin (I hate opening PDFs in the browser).

Edit:
Just checked the latest Nvidia GPU review that's up and got the warning in Firefox; but I didn't get it earlier today when I had glanced at it...

Edit again:

And on a bunch of other reviews available.

Of the 18 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-03-27, and the last time suspicious content was found on this site was on 2010-03-27.

Malicious software includes 7 trojan(s). Successful infection resulted in an average of 2 new process(es) on the target machine.

Malicious software is hosted on 4 domain(s), including googleanalyticsz.com/, mjgjo.com/, green-fast.net/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including whoiz.shit.la/.

This site was hosted on 1 network(s) including AS36643 (EICOMM).