1. Guest - Remember that Thread Prefixes are a search tool! Click on a Thread Prefix and all threads with the same Prefix in that forum will be offered to you. To dismiss this notice click on X >>>
    Dismiss Notice
  2. Our gif only content threads have a rule where all thumbs must be posted as a static thumbnail that does not play. Currently imagebam made a change where they no longer produce static thumbs. Therefore, please do not use imagebam, or any host, that provides live playing gifs in those specific threads. If you see your gif playing once you post, try to use a smaller thumbnail and if that does not work use a different approved host.
    Dismiss Notice
  3. Can't Log-in?. If your password is no longer accepted but the email address registered in your profile is working, use the "Forgot Your Password?" routine. However, if your registered email address is unusable, create a new temporary phun account and contact S-type.
    Dismiss Notice
  4. ATTN: Imagehost picpie is infected with the "internet security warning" redirect that tries to take users hostage with an inescapable redirect. Avoid using picpie as an imagehost.
    Dismiss Notice
  5. Too many Alerts? Why not adjust your "Alert Preferences" in your Profile Page?
    Dismiss Notice

Malware Warning

Discussion in 'About phun.org' started by cayne, Sep 17, 2012.

  1. rocky

    rocky ★ ★ ★ ★ ★

    Joined:
    Nov 22, 2006
    Messages:
    7,744
    Likes Received:
    123,593
    i m still getting that error...hope u guys fix it soon :)
     
  2. haydaddict

    haydaddict Smiley King ★ ★ ★ ★ ☆ 15 Year Member

    Joined:
    Nov 28, 2007
    Messages:
    74,062
    Likes Received:
    94,824
    Im not getting a warning on Mozilla!
    Seems ok now!
     
  3. ExplosiveTurnip

    ExplosiveTurnip

    Joined:
    Aug 9, 2009
    Messages:
    175
    Likes Received:
    67
    Been getting the same warnings on FF since this morning too. Just got it just now upon returning to work. You can give feedback stating that the site is safe, so do that via the button.
     
  4. whoswho

    whoswho

    Joined:
    Sep 13, 2009
    Messages:
    95
    Likes Received:
    92
    Hi sorry, had guests over... yes via "view page source" - still not there at this point... will check random pages on the site and report back :)
     
  5. whoswho

    whoswho

    Joined:
    Sep 13, 2009
    Messages:
    95
    Likes Received:
    92
    Checking random pages here seems all clean for now :)

    I submitted the URL to Comodo Site Inspector: results are here:
    http://siteinspector.comodo.com/public/reports/5967786

    Blacklisted site due to suspicious activity, but no specific results from that link.

    Let's see how it goes.
     
  6. X-Spectre

    X-Spectre Veni, Vidi, Veni

    Joined:
    May 5, 2008
    Messages:
    9,939
    Likes Received:
    8,216
    No AVG pops as of coming on Phun just now. According to AVG this 'virus' is #5 with a bullet to the top right now worldwide.

    One good thing is that if you ARE getting the pops from your anti-virus, it means that it's being properly blocked from your personal PC and only the site and its servers are involved.
     
  7. DXM

    DXM ★ ★ ☆ ☆ ☆

    Joined:
    May 30, 2010
    Messages:
    2,920
    Likes Received:
    10,649
    im still getting a warning in Firefox, I clear the cookies but still got warning

    [​IMG]

    im using Opera right now and not getting any warning :confused: ... is everything back to normal again or not ??
     
  8. Flippy

    Flippy Las cucarachas entran, pero no pueden salir. ★ ★ ★ ★ ★ 15 Year Member Power Poster Phun Award Holder

    Joined:
    Sep 14, 2008
    Messages:
    80,459
    Likes Received:
    516,461
    we are still trying to get a grip of the situation. There are more to it than simple malware.
     
    Magge likes this.
  9. S-type

    S-type Remember to smile! Staff Member ★ ★ ★ ★ ★ 15 Year Member

    Joined:
    Jun 2, 2007
    Messages:
    45,763
    Likes Received:
    137,922
    We believe that the risk no longer exists.

    We're looking into longer term site security issues - how was this done, and how can we prevent it in future - but code that was maliciously injected has been removed.

    However, somewhat naturally it takes a while for the reporting bodies to confirm for themselves the removal of a risk, so warnings/reports/blocks will continue until they all do.
     
    Ramsfan, rocky, iCeleb and 2 others like this.
  10. trolha555

    trolha555 ★ ☆ ☆ ☆ ☆ 15 Year Member

    Joined:
    Feb 21, 2008
    Messages:
    3,522
    Likes Received:
    9,457
    ^^

    I can't find shit on the source... But Chrome is still complaining!! Pff... Bunch of sissys on Google! :D
     
  11. iCeleb

    iCeleb ★ ☆ ☆ ☆ ☆

    Joined:
    Feb 25, 2012
    Messages:
    550
    Likes Received:
    8,585
    Warning is still there ... just checked now ... will probably take a few weeks (at best). :mad:

    Other possibilities ...

    a) malware from embedded video link(s) that wants to install a codec
    b) malware from sig with creative link (html) redirection
    c) malware from external link not removed by mod
    d) some of the above, all of the above

    Personally, not concerned since I have a sandbox machine designed to be infected and restored every other day. This problem will however affect overall viewership and influx of potential talent/ posters.
     
  12. cayne

    cayne Guest

    Yeah, it will show these warning until ol' mighty Google decides to review our site again and remove the warning. I've submitted a request to be reviewed a couple of hours ago (wanted to be sure no shit was left somewhere, as the guy tried his best to put the code into all sorts of locations), now we're just waiting for Google to come back and hopefully remove the warnings.

    @iCeleb, it usually takes just a few hours for Google to review a site. A couple of weeks would destroy most of the websites. Even the current method is a pain in the ass...but like I said, it takes a few hours, not days.
     
  13. HeavyToka

    HeavyToka Lost in a haze ★ ★ ★ ☆ ☆ Ten Years of Phun

    Joined:
    May 5, 2011
    Messages:
    35,209
    Likes Received:
    22,263
    The weird this is, I use Chrome and I haven't seen a warning once.
     
  14. cayne

    cayne Guest

    I haven't got one in Opera either. And I know that it does this too, as I just got the warning two days ago on a different site.
     
  15. Cold As Ice

    Cold As Ice Master of Solid Water Ten Years of Phun

    Joined:
    Sep 24, 2005
    Messages:
    143,078
    Likes Received:
    73,958
    Cayne, because you turned off your admin status you can't receive pm's anymore because your mailbox is full
     
  16. TheOne

    TheOne The President ★ ★ ★ ☆ ☆ 15 Year Member

    Joined:
    Jun 1, 2005
    Messages:
    81,787
    Likes Received:
    32,627
    anyone know what the code actually did?
     
  17. cayne

    cayne Guest

    That's true. I'll activate this account soon. You can send me an email to: cayne at phun dot org
     
    Cold As Ice likes this.
  18. cayne

    cayne Guest

    Fucking up our forum, mostly. Besides that, no clue.
     
  19. dan007123

    dan007123

    Joined:
    Nov 6, 2008
    Messages:
    71
    Likes Received:
    57
    I got infected with that virus , it's called polizei "something" it's a ransom virus.... took me 4-5 hours to get control of my PC >_<
     
  20. iCeleb

    iCeleb ★ ☆ ☆ ☆ ☆

    Joined:
    Feb 25, 2012
    Messages:
    550
    Likes Received:
    8,585
    Did the iFrame pw1 pw2 link steal passwords? Was it intended to do something like this ...

    * : *@forum
    pw1 : pw1@forum
     

Share This Page