What the heck? Attack Site?

Page 10 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

guyver01

Lifer
Sep 25, 2000
22,135
5
61
Quick update:

1) All ads are off the site.

2) We've submitted a review request to Google. These usually take several hours to complete. Once we come back clean, the malware warnings will disappear.

3) At the same time, we're working to fix the root cause of the problem.

More updates as I get them. Thank you all for helping each another out and being patient with us while we work through this.

Take care,
Anand

:thumbsup:
 

RebateMonger

Elite Member
Dec 24, 2005
11,586
0
0
In IE Protected Mode, you would get a "this program will open outside of Protected Mode" prompt that you could cancel, ending the attack. Here's a screenshot of an actual visit to the attack site:
That's what I was getting (in I.E. 8). I couldn't imagine why AnandTech Forums would need the Acrobat 3D tool, so I denied the requests. But I can certainly imagine some folks allowing the request.

My installation of Win7 is one-week-old, so there's not much installed and everything is up-to-date. I'm glad I didn't click on "Allow", though.

Edit: I ran a quick MalwareBytes scan and a full Microsoft Security Essentials scan. Nothing detected on my new PC.
 
Last edited:
Oct 27, 2007
17,009
5
0
This makes me glad I blocked AT's ad providers in my hosts file months ago. Thanks AT for making your ad servers incredibly slow and unreliable! You saved me a couple of hours of screwing around with malware removal.
Code:
127.0.0.1           dynamic2.anandtech.com
127.0.0.1           tenzing.fmpub.net
127.0.0.1           edge.quantserve.com
FTW
 

RebateMonger

Elite Member
Dec 24, 2005
11,586
0
0
Thanks AT for making your ad servers incredibly slow and unreliable!
I noticed that AnandTech page load times, which had been running very long lately, are near-instant now. The load times were getting pretty painful, especially since I only browse the non-graphical Forum pages.
 
Oct 27, 2007
17,009
5
0
I noticed that AnandTech page load times, which had been running very long lately, are near-instant now. The load times were getting pretty painful, especially since I only browse the non-graphical Forum pages.
I recently stopped using ad blockers as a way of supporting the websites that give me so much free content, but I intentionally blocked the AT ads because of the ridiculous load times. Like I said earlier in this thread, AT should start using a reliable ad provider like Google just like everyone else on the internet. Yeah, you might get slightly less revenue, but how many of your users are now blacklisting or using adblockers because of this incident?
 

Zorkorist

Diamond Member
Apr 17, 2007
6,861
3
76
I thought you blocked to try and improve performance.

If the incident you are speaking of is tonights, then, I would wait and give the ops time to respond.

-John
 
Last edited:

KillerCharlie

Diamond Member
Aug 21, 2005
3,691
68
91
Holy crap, I got that "Antivirus Soft" trojan too. Who would have guessed I got it from FORUMS FOR A COMPUTER WEBSITE. Good Lord. As everyone else said, it was a bitch to clean. Avira never caught it in the first place. It completely prevented me from running any program, and I couldn't get online in safe mode. I had to boot up normally then very quickly run task manager and kill it before it started blocking everything. Then it would keep coming back every few minutes so I had to mess with the registry and run Malwarebytes.

When a computer technology website is giving you viruses... well, that says a lot about that website.
 
Last edited:

AnonymouseUser

Diamond Member
May 14, 2003
9,943
107
106
I recently stopped using ad blockers as a way of supporting the websites that give me so much free content, but I intentionally blocked the AT ads because of the ridiculous load times. Like I said earlier in this thread, AT should start using a reliable ad provider like Google just like everyone else on the internet. Yeah, you might get slightly less revenue, but how many of your users are now blacklisting or using adblockers because of this incident?

So what do you do when even Google isn't immune to malware? More info.
 
Last edited:

Zorkorist

Diamond Member
Apr 17, 2007
6,861
3
76
What do I do when people say, Google?

I say they are the new Microsoft.

Pervasive, intrusive, and, in the end, expensive.

Google! You sing out... like they are anything but the next Hi Tech company to be darlings.

-John
 

JEDIYoda

Lifer
Jul 13, 2005
33,986
3,321
126
Educate me, fuck face.

-John

Gladly douche nozzle----

Here is what Anand said, had you read anands post instead of opening your mouth to insert your foot you would have at least had a clue...instead of showing your ignorance!!


Anand--Hey guys, we've seen it too and we're trying to track down which ad is causing it. If you do get the above error and are willing/able to could you email me the source to the page? It looks like the malware may be served by a 3rd party's ad server that we have no control over, so as soon as we know exactly which ad it is, we can kill it. I'm working on getting some suspect ads pulled right now.


Take care,
Anand
 

ViRGE

Elite Member, Moderator Emeritus
Oct 9, 1999
31,516
167
106
I noticed that AnandTech page load times, which had been running very long lately, are near-instant now. The load times were getting pretty painful, especially since I only browse the non-graphical Forum pages.
That has less to do with taking down the ad servers and more to do with the fact that the site was getting slammed once AT's GTX 400 series review went up. The site was slow on Friday even with things blocked.
 
Oct 27, 2007
17,009
5
0
That has less to do with taking down the ad servers and more to do with the fact that the site was getting slammed once AT's GTX 400 series review went up. The site was slow on Friday even with things blocked.
The ad servers have been slow for years.
 

JJChicken

Diamond Member
Apr 9, 2007
6,165
16
81
Hey guys, for a non-techie like myself, is there anything to be worried about? Do I have a virus???
 

Locut0s

Lifer
Nov 28, 2001
22,205
43
91
Hey guys, for a non-techie like myself, is there anything to be worried about? Do I have a virus???

Shouldn't be too worried. Are you using Firefox? If so then just make sure you don't bypass the site warning. If not you probably are ok also. Just do a virus and or malware scan if you are concerned.
 

JJChicken

Diamond Member
Apr 9, 2007
6,165
16
81
Shouldn't be too worried. Are you using Firefox? If so then just make sure you don't bypass the site warning. If not you probably are ok also. Just do a virus and or malware scan if you are concerned.

I use Opera. I haven't had any site warnings. Thanks for your help, I'm re-assured now


Yes. It is a mass mailer.

Everywhere you go you send out copius amounts of hope and change.
:awe:

lol
 

yepp

Senior member
Jul 30, 2006
403
38
91
Avast block these while i was browsing the forums last night:



That could be your culprit.

Not going to post those links directly since some people are stupid enough to click on them.
 

Homerboy

Lifer
Mar 1, 2000
30,890
5,001
126
Holy crap, I got that "Antivirus Soft" trojan too. Who would have guessed I got it from FORUMS FOR A COMPUTER WEBSITE. Good Lord. As everyone else said, it was a bitch to clean. Avira never caught it in the first place. It completely prevented me from running any program, and I couldn't get online in safe mode. I had to boot up normally then very quickly run task manager and kill it before it started blocking everything. Then it would keep coming back every few minutes so I had to mess with the registry and run Malwarebytes.

When a computer technology website is giving you viruses... well, that says a lot about that website.

It really wasnt that hard to clean out. Boot to safe mode with networking.
Get/run rkill.com
scan with malwarebytes.
done.
 

Anand Lal Shimpi

Boss Emeritus
Staff member
Oct 9, 1999
663
1
0
Google has completed its review of AT and the forums and has cleared us both You shouldn't be seeing that Malware error any longer and more importantly, you shouldn't be seeing anything trying to infect you either

Our admin staff was up all night working on the problem, if you see anything else that's strange feel free to contact me directly: anand@anandtech.com.

Take care,
Anand
 
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |