1. Guest - Remember that Thread Prefixes are a search tool! Click on a Thread Prefix and all threads with the same Prefix in that forum will be offered to you. To dismiss this notice click on X >>>
    Dismiss Notice
  2. Our gif only content threads have a rule where all thumbs must be posted as a static thumbnail that does not play. Currently imagebam made a change where they no longer produce static thumbs. Therefore, please do not use imagebam, or any host, that provides live playing gifs in those specific threads. If you see your gif playing once you post, try to use a smaller thumbnail and if that does not work use a different approved host.
    Dismiss Notice
  3. Can't Log-in?. If your password is no longer accepted but the email address registered in your profile is working, use the "Forgot Your Password?" routine. However, if your registered email address is unusable, create a new temporary phun account and contact S-type.
    Dismiss Notice
  4. ATTN: Imagehost picpie is infected with the "internet security warning" redirect that tries to take users hostage with an inescapable redirect. Avoid using picpie as an imagehost.
    Dismiss Notice
  5. Too many Alerts? Why not adjust your "Alert Preferences" in your Profile Page?
    Dismiss Notice

Malware Attack on Phun.org

Discussion in 'About phun.org' started by DI.BO, Oct 11, 2014.

  1. DI.BO

    DI.BO Ten Years of Phun

    Joined:
    Jul 12, 2013
    Messages:
    1,906
    Likes Received:
    2,291
    [​IMG]



    what the hell is happent here?
     
    1 person likes this.
  2. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,884
    Likes Received:
    4,732
    To start with, visiting Phun is safe. It's not a malware attack on Phun.

    Google scans sites for malware and other nastiness and when it finds something it flags it as "suspicious" in a database it maintains. If you use Chrome, it will block the sites with the warning message you screencapped. Some other security products will use Google's "safe browsing" database as an indicator as well.

    In this case, the potential threat is not on Phun but on the image host picturescream.com. There are thumbs and links to there and Chrome is seeing those references to that "suspicious" domain and blocking Phun as well so you don't even have a chance to click on the links.

    As for what happened on Picturescream, that's something they'll have to deal with and fix. But, most of the time it's from a 3rd party ad they are using. The ads are typically loaded from a 3rd party dynamically with JS to make it easier for the ad provider to switch it out to a different ad/advertiser. So, on picturescream, there's some code that basically says "ok ad provider, give us whatever JS you need to give us and we'll run it". That's fine until the ad provider lets an advertiser through that is trying something malicious. Or sometimes it may not be straight up malicious but shady enough that Google flags it.

    We've had this problem a couple times now with about 4 different image hosts within the past month and one of the main culprits seems to be frienads.com, an advertiser or ad provider that they are using. It's getting old.

    So what should you do?

    • Probably don't visit picturescream for the time being. They'll probably clear it up in the coming days.
    • If you do visit it, make sure you are using an ad and/or script blocker.
    • I feel bad persistently recommending ad and script blocking. Phun needs it's ad revenue to pay for it's servers as do many sites. Ads fund the web. But, at the same time, shitty ads are becoming the most frequent attack vector. I'd consider looking into some form of blocking if you aren't already using it.
     
    11 people like this.
  3. Flippy

    Flippy Las cucarachas entran, pero no pueden salir. ★ ★ ★ ★ ★ 15 Year Member Power Poster Phun Award Holder

    Joined:
    Sep 14, 2008
    Messages:
    80,458
    Likes Received:
    516,432
    what you need to know is that despite the high usability of picturescream its highly cluttered with ads. Even if you may not Think that you have clecked something it can easily drop down simple adaware programs to your computer if your unlucky and click on the wrong Place. Other than that GB has covered the basics.
     
    1 person likes this.
  4. leviathan0999

    leviathan0999 BANNED

    Joined:
    Mar 17, 2008
    Messages:
    429
    Likes Received:
    893
    May I suggest that Phun ban use of Picturescream as the hosting site for AVIs and Signatures?
     
    5 people like this.
  5. Flippy

    Flippy Las cucarachas entran, pero no pueden salir. ★ ★ ★ ★ ★ 15 Year Member Power Poster Phun Award Holder

    Joined:
    Sep 14, 2008
    Messages:
    80,458
    Likes Received:
    516,432
    it will be lifted in the mod lounge.
     
  6. Cold As Ice

    Cold As Ice Master of Solid Water Ten Years of Phun

    Joined:
    Sep 24, 2005
    Messages:
    143,078
    Likes Received:
    73,958
    When it happend to other hosts, they were never banned. So it's not fair to ban picturescream now for same thing.
     
  7. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,884
    Likes Received:
    4,732
    Avatars are already hosted here. Sig pics can be if you want. If we banned external images in sigs from one host or all, it wouldn't stop the malware warnings because said hosts would still be used for actual content in threads.

    But, it's certainly worth considering which image hosts we allow with all the problems lately. The problem is that it hasn't been just Picturescream. I think all the major hosts used here except Imgbox have had this problem recently. And finding reliable hosts that both allow adult content and large images opposed to just thumbs is tough.
     
  8. Cold As Ice

    Cold As Ice Master of Solid Water Ten Years of Phun

    Joined:
    Sep 24, 2005
    Messages:
    143,078
    Likes Received:
    73,958
    Imgbox also had problems in the past and it's mega slow at times.
    At the moment sharenxs is offline.
     
  9. Cheeseater

    Cheeseater Guest

    Yes ! :(
     
  10. Magge

    Magge Yoda no more, just a friendly alpaca lover ! ★ ★ ★ ★ ★ 15 Year Member Movers & Shakers Power Poster The Alpaca Whisperer Phun Award Holder

    Joined:
    Mar 18, 2008
    Messages:
    111,959
    Likes Received:
    370,571
    Even MSN has problems ...
     
  11. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,884
    Likes Received:
    4,732
    I've been pretty happy with Imgbox since their big overhaul a while ago, but yeah, it's a valid point. No host is perfect.

    And there are other factors when choosing an image host like how quickly and reliably it serves the images, whether we'll be able to trust in it being around in a few years, their rules and takedown policies, etc. It narrows down the possible hosts very quickly making it hard to find a new one or get rid of one.
     
    1 person likes this.
  12. Magge

    Magge Yoda no more, just a friendly alpaca lover ! ★ ★ ★ ★ ★ 15 Year Member Movers & Shakers Power Poster The Alpaca Whisperer Phun Award Holder

    Joined:
    Mar 18, 2008
    Messages:
    111,959
    Likes Received:
    370,571
  13. TheRiver

    TheRiver temporarily a little out of order. ★ ★ ★ ★ ★ 15 Year Member Original Phun Crew Movers & Shakers

    Joined:
    Jun 4, 2005
    Messages:
    27,711
    Likes Received:
    106,443
    pretty likely that a few imagehosts use the same "questionable" ad simultaneously...

    i for one do like imagevenue - pretty unaffected over the years, imho.
     
    2 people like this.

Share This Page