Beginning late yesterday I have been getting redirected when I use the forum. This has happened on both my work and home computer, so I don't think it is in my system. I get redirected to a variety of pages.
I'm able to use the forum if I stop the page from loading as soon as it opens, otherwise I get redirected every time I click on a fourm link.
My work computer has Symantic Endpoint Protection and gives me this message:
[SID: 25291] Fake App Attack. Fake AV Redirect 31 detected
Is anyone else experiencing problems?
I've PMed Admin in hopes they have an idea what's going on.
Hope it's nothing serious and can be fixed.
Forum hacked?
Moderators: Mayhem, Steve Hubbell, Moderators
-
maichan
- Hatamoto<Special Retainer>
- Posts: 2592
- Joined: Fri Jul 22, 2011 23:04 -0700
- Location: On the path of Bushidō
- Contact:
I get redirected to a variety of URLs. I don't let them load, so I don't know what they are about - I don't want to post them here.
It was a one time incident on my computer at home, but here at work it happens with every click or page change. It's only happening on the forum, not on the main dojo pages. I'm running IE 8 at work, and I think I have IE 9 at home.
It was a one time incident on my computer at home, but here at work it happens with every click or page change. It's only happening on the forum, not on the main dojo pages. I'm running IE 8 at work, and I think I have IE 9 at home.
-
Stormhaven
- Shugyosha<Student Warrior>
- Posts: 34
- Joined: Sun Mar 09, 2003 2:51 -0700
-
maichan
- Hatamoto<Special Retainer>
- Posts: 2592
- Joined: Fri Jul 22, 2011 23:04 -0700
- Location: On the path of Bushidō
- Contact:
Well, I don't have a clue what's going on. The Dojo forum is set as one of my homepage tabs, and when I opened my browser after turning on my home computer, instead of the Dojo Forum the tab was a 'false' Microsoft Security warning. I closed that tab, ran a full scan and nothing came up on my computer. I don't know a lot about these things sorts of things, but I assume the problem was coming from the forum, even though I am currently on it without any problem. I've only had this problem show up since yesterday, and only on the Dojo forum.... 
-
TigerRider
- Shugyosha<Student Warrior>
- Posts: 230
- Joined: Wed Oct 07, 2009 0:43 -0700
- Location: Germany (Trier)
-
Stormhaven
- Shugyosha<Student Warrior>
- Posts: 34
- Joined: Sun Mar 09, 2003 2:51 -0700
First step for those of you who have not yet done it is to download and run Malwarebytes Anti-Malware (you can get it on CNET here: http://download.cnet.com/Malwarebytes-A ... 04572.html - or just Google it if you don't trust direct links). It's probably one of the best anti-malware free/shareware programs out there for sniffing out malware infections.
If you have not done so already, also do a full virus scan - but before you do this, your AV should have a way to update the signature file manually. Do an "Update Now" and then run the full scan. If you notice that your last update was over two weeks ago, this may be a symptom of the overall problem. If you do not have a antivirus program (shame on you), you can download quite a few for free. I currently use Microsoft Security Essentials (http://windows.microsoft.com/en-US/wind ... essentials).
URL redirect malware is very, very common. I would not be surprised if all of you are infected. So far I do not see any behavior on this forum that would lead me to believe that the forum as a whole is infected, but without admin rights to this domain, I wouldn't be able to verify (usually the domain host provider has some default way of telling if there was an intrusion - the forum admins wouldn't be able to check, it'd have to be the domain owner/admin - which I think is Todd).
Before anyone else posts that they are or are not seeing redirect issues, please run both MalwareBytes and a AV scan.
Multiple people posting that they do or not get redirected with no further information doesn't really help narrow down the problem.
If you have not done so already, also do a full virus scan - but before you do this, your AV should have a way to update the signature file manually. Do an "Update Now" and then run the full scan. If you notice that your last update was over two weeks ago, this may be a symptom of the overall problem. If you do not have a antivirus program (shame on you), you can download quite a few for free. I currently use Microsoft Security Essentials (http://windows.microsoft.com/en-US/wind ... essentials).
URL redirect malware is very, very common. I would not be surprised if all of you are infected. So far I do not see any behavior on this forum that would lead me to believe that the forum as a whole is infected, but without admin rights to this domain, I wouldn't be able to verify (usually the domain host provider has some default way of telling if there was an intrusion - the forum admins wouldn't be able to check, it'd have to be the domain owner/admin - which I think is Todd).
Before anyone else posts that they are or are not seeing redirect issues, please run both MalwareBytes and a AV scan.
Multiple people posting that they do or not get redirected with no further information doesn't really help narrow down the problem.
-
maichan
- Hatamoto<Special Retainer>
- Posts: 2592
- Joined: Fri Jul 22, 2011 23:04 -0700
- Location: On the path of Bushidō
- Contact:
Okay... to the best of my knowledge my work computer is clean.
I ran our AV (Symantec - updates current). Only one incident of Tracking Cookies was discovered and eliminated.
I ran the Malwarebytes Anti-Malware and nothing was detected.
After doing that, I'm still having the problem. Everytime I go to a new page on the forum I am redirected, but I can backup & stop it .... so I can use the forum, but am handicapped. Once again, it is only the forum I have trouble on - not the main site and not any other sites or forums. My work computer is running Window XP Pro, and I'm using IE 8.
I ran my AV on my home computer last night, and it was clean. I also have Microsoft Security Essentials. I will run the Malwarebytes Anti-Malware when I get home tonight.
One difference between the problem at work & at home - on my home computer I only seem to have the problem when I initially open the forum, after that things run normal.
I am always logged on at both home & work (if that matters or not).
I ran our AV (Symantec - updates current). Only one incident of Tracking Cookies was discovered and eliminated.
I ran the Malwarebytes Anti-Malware and nothing was detected.
After doing that, I'm still having the problem. Everytime I go to a new page on the forum I am redirected, but I can backup & stop it .... so I can use the forum, but am handicapped. Once again, it is only the forum I have trouble on - not the main site and not any other sites or forums. My work computer is running Window XP Pro, and I'm using IE 8.
I ran my AV on my home computer last night, and it was clean. I also have Microsoft Security Essentials. I will run the Malwarebytes Anti-Malware when I get home tonight.
One difference between the problem at work & at home - on my home computer I only seem to have the problem when I initially open the forum, after that things run normal.
I am always logged on at both home & work (if that matters or not).
-
Stormhaven
- Shugyosha<Student Warrior>
- Posts: 34
- Joined: Sun Mar 09, 2003 2:51 -0700
-
Stormhaven
- Shugyosha<Student Warrior>
- Posts: 34
- Joined: Sun Mar 09, 2003 2:51 -0700
I've sent a PM directly to Todd, hopefully he'll see it quickly.
Lets do this now so we can get more information - for those of you who get the redirects and both AV and Malwarebytes comes up clean (this is important, we don't want to start muddling the waters with unrelated issues) please post your browser name and version. You can usually find this information by going to Help > About, with some of the newer browsers that hide their file menu bar, tap the ALT key, that should show you the Help drop down menu.
I'll start out:
Internet Explorer 9.0.8112.16421 - redirects
Chrome 17.0.963.56 m - Does not redirect
Firefox 10.0.2 - Does not redirect
Since some of the sites that you get redirected to are attempting to download malicious files, I am going to post an announcement in the main forum as well. In the meantime, I would suggest only viewing the Dojoboard with one of the "safe" browser options.
Lets do this now so we can get more information - for those of you who get the redirects and both AV and Malwarebytes comes up clean (this is important, we don't want to start muddling the waters with unrelated issues) please post your browser name and version. You can usually find this information by going to Help > About, with some of the newer browsers that hide their file menu bar, tap the ALT key, that should show you the Help drop down menu.
I'll start out:
Internet Explorer 9.0.8112.16421 - redirects
Chrome 17.0.963.56 m - Does not redirect
Firefox 10.0.2 - Does not redirect
Since some of the sites that you get redirected to are attempting to download malicious files, I am going to post an announcement in the main forum as well. In the meantime, I would suggest only viewing the Dojoboard with one of the "safe" browser options.